Server Hardening Fundamentals
Security Training Architect I
Servers across many organizations provide a multitude of services, some of which are critical infrastructure for keeping a company running. There are a variety of server types, such as email, financial data, application databases, and file and print servers, that need safeguards in place to protect these assets not only from threats coming from outside the organization, but from insider threats as well. This course is for Security and System Administrators who may not have the experience or exposure needed to implement some of these baseline controls, or who simply need a refresher. The course will not be able to cover everything and is not intended to include servers that are used for maintenance or remote connection accessibility. We want the audience to walk away with better knowledge and understanding, either to get started or to open up collaboration and discussion with those helping to make these decisions in your own communities and organizations. It is assumed that learners have a basic understanding of system and network security and can navigate around the Linux and Windows operating systems. Security is everyone’s job, and there is a vast amount of public resources available that can help you find what you need.
Server Hardening Fundamentals
What to Expect
This video outlines what to expect when it comes to server hardening fundamentals. It emphasizes important topics to ensure safeguards are put in place, with security as the priority focus, and to ensure a successful deployment.
About the Author
Professional life: I have over 20 years of IT experience and my current role as a Training Architect has to be one of the best experiences! I have served in various roles, including System Engineer, Technical Project Manager, Technology Consultant, and a few leadership roles along the way.
Setting Up Servers
Windows Server 2019 Overview and Key Features (Optional)
This video briefly covers some of the key feature enhancements for Windows Server 2019 and includes some additional information on Advanced Threat Protection (ATP).
Kali Linux Overview and Key Features (Optional)
This lesson offers a quick optional overview of Kali Linux and how this distribution plays a role in digital forensics and penetration testing.
Threats, Vulnerabilities, and Risks
Types of Threats and Threat Actors
In this lesson, it is important to be able to differentiate between some of the potential threats and threat actors that play a role in trying to exploit vulnerabilities on the systems and assets we are trying to protect. Knowing this information can not only help determine indicators of compromise (IOCs) and change the way we respond to these threats, but also create opportunities to harden and secure these assets before they become a problem.
In this video, we give you a high-level overview of some of the basic concepts and ways in which we determine vulnerabilities. Several paths can be taken through automated tools and online publications. We will show you examples of both, and hopefully this can assist in determining what fits best for your organization.
Risk Assessments and Mitigation
This video covers a very high-level description of risk assessment and mitigation and introduces a few core publications that can be used to describe some of the core concepts when it comes to the risk management framework.
Security Categorization and Objectives on Information Systems
It is important to understand some of the qualifying attributes of the servers and assets in an environment, as this will help define the types of controls that might need to be put in place based on specific criteria. This is a high-level overview that explains some of these details with the expectation that someone with less experience can walk away with a better understanding of the underlying attributes that may be applied to classify systems and servers based on prioritization.
In this video we are wrapping up and concluding section two, and running through a quick review of what was covered throughout Threats, Vulnerabilities and Risks.
Installation and Planning Helps Achieve Security Success
Understanding what is at stake when it comes to the planning and implementation of security controls is a strong focus in this video. This shapes an outline of basic security principles that should be taken into consideration and can help promote a strong security mindset. Security should be one of the first thoughts when tackling implementation, and should not occur after the work has been completed. By then, it may be too late and prove too costly!
Roles and Responsibilities of Security Staff
This video is a brief overview of most industry-standard roles and responsibilities of security staff. It is a good idea to have a base understanding of your organizational layout in the event you need to reach out for help or communicate information during a major incident or event.
Server Management Practices and Policies
This video demonstrates, at a high level, the importance of documenting and keeping a strong, controlled policy when it comes to change management, performing risk assessments to lower risk levels, and ensuring these systems are consistent with configuration controls across the enterprise.
System Security Plan
This video describes some of the key attributes for defining the functionality of a well-constructed security plan and some of the controls this involves in order to make it efficient and successful for an organization.
Human Resources Requirements
This video describes the importance of human resources and how it relates to server security. It is vital to determine staffing needs and ensure the right role is matched to the right skill set without disrupting the confidentiality, integrity, and availability of these systems.
In this video, we are wrapping up and concluding section three, and running through a quick review of what was covered throughout Server Security.
Securing the Operating System
Patching and Upgrading the Operating System
This video is a quick snapshot of some of the key concepts that should be taken into consideration when patching and upgrading the operating system.
Hardening and Securely Configuring the Operating System
This video is a quick overview that explains, at a high level, some of the suggestions that should be considered when first implementing and configuring the operating system.
Remove or Disable Unnecessary Services, Applications, and Network Protocols
In this section, we discuss the importance of removing or disabling unnecessary services, applications, and protocols. Leaving these services turned on could not only pose a security risk but could also impact performance or degrade the state of a system.
Configure Operating System User Authentication
In this video, we go over some of the best practices when it comes to configuring the OS for authentication and what this implies as it pertains to security posture.
Additional Control Considerations
In this video, we talk about the benefits of adding additional controls, while also stressing the need to exercise caution with implementation approaches so as not to impact production environments.
In this video, we wrap up section two, and quickly review what we covered throughout Threats, Vulnerabilities, and Risks.
Securing the Server Software
Software Security Recommendations
In this video, we describe the most common recommendations when it comes to applying security during the software installation process.
Configuring Access Controls
In this short overview, we talk about the best approaches for access controls, including some of the extra layering of security that can help improve the security posture.
Resource Constraints and Mitigation Recommendations
This video introduces concepts on how to approach some of the resource constraints within the OS, including some of those caused intentionally by a Denial-of-Service (DoS) attack.
Authentication and Encryption Technologies
This video covers the importance of authentication and encryption and describes some of the basics at a high level.
In this video we are wrapping up and concluding section five, and running through a quick review of what was covered throughout Securing the Server Software.
Maintaining the Security of a Server
It Starts with Logging
This video emphasizes the importance of logging and is a starting point in maintaining server security.
This video runs through some basic scenarios that can be implemented when it comes to logging, offering a few suggestions and best practices in order to achieve success.
Reviewing and Retaining Log Files
Understanding "what" and "why" we are logging is important. This video captures a few essential facts surrounding this information and brings out key attributes that should be worked into a regular log review plan.
Automated Log File Analysis Tools
This video describes some concepts of logging and references Security Information and Event Management (SIEM) technologies and how they work in conjunction with Syslog, the standard format used by many of these systems.
Server Backup Types, Procedures and Policies
This video describes the process of file retention through various means of backups, the importance of these backup procedures, and how this information needs to be included in your organization's backup policy.
Recovering from a Security Compromise
This video offers a look into the world of incident response following a compromise, covering some of the common procedures used to take an incident through the Incident Response Lifecycle and assist with recovery-phase efforts.
Continuous Security Testing
Once this security implementation has been finalized and a server is ready for production, it will be important to adhere to your organization's policy when it comes to continuous testing and efforts to maintain the highest levels of security and safeguards for these systems. This video addresses some actionable items for when vulnerability and penetration tests are used to maintain these levels.
In this video, we wrap up section six and quickly review what we covered throughout Maintaining the Security of a Server.
This video provides additional online resources when it comes to security and some of the topics discussed in this Server Hardening Fundamentals course.
This video provides a quick look at some of the course options, whether you have a security focus in mind or the desire to pursue some of the other technology pillars offered at Linux Academy.