Server Hardening Fundamentals

Server Hardening Fundamentals

English | MP4 | AVC 1920×1080 | AAC 44KHz 2ch | 3h 06m | 1.32 GB

Servers across many organizations provide a multitude of services including some of which are critical infrastructure for keeping a company running. There are a variety of server types such as email, financial data, application databases and file and print servers that need to have safeguards in place to protect these assets not only from threats coming from outside of the organization, but insider threats as well. This course is for those Security and System Administrators that may not have the experience or exposure for implementing some of these baseline controls or those that simply need a refresher. The course itself will not be able to cover everything and is not intended to include servers that are used for maintenance or remote connection accessibility. We want the audience to walk away with a better knowledge and understanding to get you started or open up the collaboration and discussions with those helping to make these decisions from your own communities and organizations. It is assumed that learners have a basic understanding of system and network security and can navigate around the Linux and Windows operating systems. Security is everyone’s job and there is a vast amount of public resources available that can help assist in finding your needs.

Table of Contents

Course Introduction
1 What to Expect

Getting Started
2 About the Author

Setting Up Servers
3 Windows Server 2019 Overview and Key Features (Optional)
4 Kali Linux Overview and Key Features (Optional)

Threats, Vulnerabilities, and Risks
5 Types of Threats and Threat Actors
6 Determining Vulnerabilities
7 Risk Assessments and Mitigation
8 Security Categorization and Objectives on Information Systems
9 Conclusion

Server Security
10 Installation and Planning Helps Achieve Security Success
11 Roles and Responsibilities of Security Staff
12 Server Management Practices and Policies
13 System Security Plan
14 Human Resources Requirements
15 Conclusion

Securing the Operating System
16 Patching and Upgrading the Operating System
17 Hardening and Securely Configuring the Operating System
18 Remove or Disable Unnecessary Services, Applications, and Network Protocols
19 Configure Operating System User Authentication
20 Additional Control Considerations
21 Conclusion

Securing the Server Software
22 Software Security Recommendations
23 Configuring Access Controls
24 Resource Constraints and Mitigation Recommendations
25 Authentication and Encryption Technologies
26 Conclusion

Maintaining the Security of a Server
27 It Starts with Logging
28 Logging Requirements
29 Reviewing and Retaining Log Files
30 Automated Log File Analysis Tools
31 Server Backup Types, Procedures and Policies
32 Recovering from a Security Compromise
33 Continuous Security Testing
34 Conclusion

Wrapping Up
35 Additional Resources
36 What's Next