Benchmarks
These are used to guide the implementation of best practices in system hardening.
These help to automate account management.
What is MSA (Managed Server Accounts)?
Hardening that secures Windows operating systems.
What is Windows OS hardening?
Website hosted by a non-profit group providing benchmarks for endpoint hardening.
These objects are used to enforce security policies on Windows endpoints.
What are Group Policy Objects (GPOs)
The provides multiple forms of verification to enhance security.
What is MFA (Multi-factor authentication?
This type of data pertains to social security numbers, names, addresses, birth dates, phone numbers, and e-mail addresses.
What is personal identifying information (PII)?
What are regular assessments?
Type of attack that targets tickets and can be mitigated by using strong passwords on service accounts.
What are Kerberoasting attacks?
A protocol used by employees to remotely connect to their workstations that should be limited to reduce attack vectors.
What is RDP (Remote Desktop Protocol)?
This type of information includes patents, trade secrets, and proprietary information.
What is intellectual property (IP)?
A scoring system given to vulnerabilities used to rate their level of risk.
What is CVSS (common vulnerability scoring system)?
Network protocol used to share files and resourced between computers that attackers can use for lateral movement.
What is SMB (Server Message Block)
Limits user access to resources based solely on their role.
What is RBAC (Role Based Access Control)?
Type of data includes bank account details and credit card numbers.
What is Financial Data?
The program to identify, define, and catalog publicly disclosed cyber security vulnerabilities.
What is CVE (Common Vulnerabilities and Exposures)?
A cloud based automated hardening tool from Microsoft.
What is Intune?
Ways an organization can address user resistance to security configurations.
What is training and support?
The entire range of endpoints in an organization that need to be hardened against attacks and the primary purpose that endpoint hardening attempts to reduce.
What is the attack surface?