4.1 Manageable Network Plan
A process created by the National Security Agency (NSA) to assist in making a network manageable, defensible, and secure.
What is a manageable network plan?
The process of increasing the security of devices and software.
What is hardening?
Extremely large amounts of data are referred to as.
What is big data?
A component of a manageable network plan that indicates an action or event.
What is a milestone?
An operating system that comes hardened and validated to a specific security level as defined in the Common Criteria for Information Technology Security Evaluation (CC).
What is a Trusted Operating System (TOS)?
A standalone storage device or appliance that acts as a file server.
What is Network Attached Storage (NAS)?
How many milestones are there in a Manageable Network Plan?
What is 8 milestones?
A quick fix for a problem.
What is a hotfix?
A hotfix is a quick fix for a problem. Normally, you install a hotfix only if you have the specific problem it is intended to fix. Hotfixes are: Typically made to address a specific customer situation and possibly may not be distributed outside that customer organization. Commonly used to address freshly discovered security holes.
A special network composed of high speed storage that is shared by multiple servers.
What is a Storage area Network (SAN)?
What is the difference between Manage Your Network Part I (Patch Management) and Manage Your Network Part II(Baseline Management)?
Manage Your Network Part I (Patch Management) establishes an update management process for all software on your network. Patch all systems on a regular schedule Apply critical patches whenever they are released Include mobile devices that connect to the network infrequently Automate the patching process Consider using Windows Server Update Services (WSUS).
Manage Your Network Part II (Baseline Management) provides rules for establishing a baseline for all systems. Create an approved application list for each class of device on the network Establish the criteria and process for getting an application on the approved list Verify apps before adding them to the allowed list Create device baselines Secure web browsers Check baselines for security misconfigurations. Consider using the Microsoft Security Compliance Toolkit (SCT).
What is the difference between a patch and a service pack (SP)?
A patch is also a quick fix, but generally more thoroughly tested than a hotfix and designed for a wider deployment. Patches: Include previous hotfixes that the manufacturer has thoroughly tested for mass deployment. Include fixes that should be applied to wider audiences, such as patching security holes.
A service pack (SP) is a collection of patches, hotfixes, and other system enhancements that have been tested by the manufacturer for wide deployment. A service pack includes all previously released bug fixes. If you install the service pack, you do not need to install individual patches. Installing a service pack also includes all previous service packs.
Explain Share permissions.
Share permissions control access through a network connection with the file server. If files are accessed locally, share permissions do not control access. Share permissions have three levels of permissions: Reader (read only) Contributor (read and write) Owner or Co-owner (full control, or all permissions) Share permissions can be set only on a folder.
What is the most important concept of a Manageable Network Plan?
What is documentation?
Document your processes and procedures.
What is a configuration baseline?
A configuration baseline is a set of consistent requirements for a workstation or server. A security baseline is a component of the configuration baseline that ensures that all workstations and servers comply with the security goals of the organization. Use configuration baselines as follows: Identify common configuration baselines that should be applied to all, or a group, of systems. Use security templates to quickly apply security baseline settings. A security template is a saved set of configuration values that produce the system configuration as specified in the configuration baseline. When you apply the security template to a system, the settings within the template are applied to the system. Use security templates to: Quickly apply settings to one or more computers. Configure consistent security settings between devices. Quickly restore security settings to the baseline. Compare the actual settings on a device to the settings required by the configuration baseline. Microsoft operating systems include the following tools for managing security templates: The Security Templates snap-in, which creates and edits templates. You can obtain security templates from various sources, including the NSA, which has predefined settings it believes are appropriate for Windows operating systems. The Security Configuration and Analysis snap-in, which compares the existing settings with the template or applies a template to a single device.. The Group Policy Editor, which imports a template into Group Policy and applies the template to multiple computers.
Explain New Technology File System (NTFS) permissions.
NTFS permissions: Can be set on drives, folders, and files. Control both local and network access. Have dozens of permissions that offer granular control over what actions are allowed. Can be set only on volumes formatted with NTFS.