OS and Application Security Strategy
One of the vulnerabilities is known as remote code execution (RCE). This vulnerability permits attackers to run arbitrary code remotely on vulnerable workstations and servers. Attackers can then carry out further actions to exploit other weaknesses. Remote code execution is the most common vulnerability currently found in operating systems, and it can lead to other attacks, including elevation of privilege and denial of service (Hesselman, 2019). RCE vulnerabilities are typically rated “critical” and should therefore be patched immediately. The other vulnerability is known as denial of service (DoS). This is one of the main Microsoft STRIDE threats, and it often leaves services such as Windows and browsers unable to function. There are two kinds of DoS vulnerabilities: flood attacks and crash attacks. Flood attacks occur when a system receives an excess of requests, causing its services to slow down and ultimately stop (Yu, 2013). Other DoS attacks take advantage of vulnerabilities that cause a service or system to crash. Spoofing is yet another vulnerability. Spoofing denotes the process of impersonating an individual by tampering with authentication, for example by using another person’s username and password. Attackers can use spoofing to access confidential information on behalf of their victims. Spoofing mainly takes place in applications that use the Chakra engine, such as Microsoft’s Edge and Internet Explorer.
Anti-malware solution and the operating systems it supports
The Malware Protection Engine is recommended. This solution works by scanning all new files to check for malware or other threats. It supports Windows Defender and Microsoft Security Essentials. The Avira anti-virus is also recommended, especially against DoS attacks. This anti-malware has a three-layer protection scheme. The conventional malware scanner compares files against a library of known threats. The heuristic monitor inspects code and watches for indications of an attack. It then scans the OS and blocks HTTP request attacks. This anti-malware supports Microsoft Windows Mobile 5.0 and Microsoft Windows Vista.
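To make the two scanning layers described above concrete, here is an added example (not code from the original essay or from Microsoft or Avira) of a minimal file scanner: the first layer compares each file’s SHA-256 digest against a library of known-bad digests, and the second applies a heuristic (Shannon entropy, which is high for packed or encrypted executables) to files that have no signature match. The “known threat” samples, the threshold and the file contents are all constructed for the example.

```python
import hashlib
import math
from collections import Counter

# Constructed "known threat" library: in a real product this would be a
# vendor-maintained database; here the digests are computed from two
# made-up sample contents so the example is self-contained.
KNOWN_BAD_SAMPLES = [
    b"MZ\x90\x00constructed-sample-1",
    b"#!/bin/sh\nconstructed-sample-2\n",
]
SIGNATURE_LIBRARY = {
    hashlib.sha256(s).hexdigest(): f"constructed.signature.{i}"
    for i, s in enumerate(KNOWN_BAD_SAMPLES, start=1)
}


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte (0.0 for empty input, 8.0 for uniform bytes)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def scan_file(data: bytes, entropy_threshold: float = 7.2, min_size: int = 256):
    """Return (verdict, reason) for one file's contents.

    Layer 1: exact signature match against the library.
    Layer 2: heuristic flag for high-entropy content (possible packing), only
             applied to files large enough for the entropy estimate to mean
             anything.
    """
    digest = hashlib.sha256(data).hexdigest()
    if digest in SIGNATURE_LIBRARY:
        return ("malicious", "signature:" + SIGNATURE_LIBRARY[digest])
    entropy = shannon_entropy(data)
    if len(data) >= min_size and entropy > entropy_threshold:
        return ("suspicious", f"heuristic:high-entropy({entropy:.2f})")
    return ("clean", "")


def scan_new_files(files: dict) -> dict:
    """Scan a batch of newly written files {name: contents} and report each."""
    return {name: scan_file(data) for name, data in files.items()}


if __name__ == "__main__":
    # Constructed batch: one signature hit, one packed-looking blob, one text file.
    batch = {
        "setup.exe": KNOWN_BAD_SAMPLES[0],
        "blob.bin": bytes(range(256)) * 2,   # uniform bytes -> entropy 8.0
        "notes.txt": b"hello world\n" * 30,
    }
    for name, (verdict, reason) in scan_new_files(batch).items():
        print(f"{name:10s} {verdict:10s} {reason}")
```

The signature layer is exact and cheap but only catches what is already in the library; the entropy heuristic catches unknown packed files at the cost of false positives on legitimately compressed data, which is why the threshold and minimum size would be tuned per deployment.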
Intrusion detection system (IDS) solution and the reasoning for the recommendation
An IDS is an essential component of a truly successful solution. It flags incoming and outgoing malicious traffic so that an organization can take proactive steps to protect its network. In this regard, the recommended IDS is the SolarWinds Security Event Manager (SEM). This solution improves efficiency in administering, managing, and monitoring security policies as well as protecting an organization’s network (Kumar, Pattnaik & Pandey, 2017). It is suggested because it makes it easy to monitor, continuously back up, forward or store log files, and it includes built-in encryption in transit and at rest. Moreover, SEM is recommended because it keeps the IT staff informed so that they can respond quickly and accurately to a possible threat.
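The flood attacks described in the vulnerabilities section and the IDS role described here meet in the detection logic an IDS runs over connection logs. The following added example (not code from the essay, and not SolarWinds SEM’s own rule engine) parses constructed firewall-style log lines and raises an alert when one source address opens more connections inside a sliding time window than a threshold allows. The log format, the addresses (RFC 5737 documentation ranges) and the threshold are all assumptions made for the example.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed log line shape (constructed for the example):
#   2024-01-01T10:00:00Z src=203.0.113.5 dst=192.0.2.10 dport=443 action=CONNECT
LOG_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>[\d.]+) dst=(?P<dst>[\d.]+) "
    r"dport=(?P<dport>\d+) action=(?P<action>\w+)$"
)


def parse_line(line: str):
    """Parse one log line into a dict, or return None for lines that do not match."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    return {
        "ts": datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ"),
        "src": m["src"],
        "dst": m["dst"],
        "dport": int(m["dport"]),
        "action": m["action"],
    }


def detect_floods(lines, window=timedelta(seconds=60), threshold=20):
    """Sliding-window rate check: alert once per source that exceeds
    `threshold` CONNECT events inside any `window`-long interval."""
    recent = defaultdict(deque)   # src -> timestamps still inside the window
    alerted = set()
    alerts = []
    for line in lines:
        ev = parse_line(line)
        if ev is None or ev["action"] != "CONNECT":
            continue                # malformed or non-connection event: skip
        q = recent[ev["src"]]
        q.append(ev["ts"])
        while q and ev["ts"] - q[0] > window:
            q.popleft()             # drop timestamps that fell out of the window
        if len(q) > threshold and ev["src"] not in alerted:
            alerted.add(ev["src"])
            alerts.append({
                "src": ev["src"],
                "count": len(q),
                "first_seen": q[0].isoformat(),
                "last_seen": ev["ts"].isoformat(),
            })
    return alerts


def build_sample_log():
    """Constructed sample: 25 connections from one source in 25 seconds,
    3 from another, plus one malformed line the parser must ignore."""
    start = datetime(2024, 1, 1, 10, 0, 0)
    lines = []
    for i in range(25):
        ts = (start + timedelta(seconds=i)).strftime("%Y-%m-%dT%H:%M:%SZ")
        lines.append(f"{ts} src=203.0.113.5 dst=192.0.2.10 dport=443 action=CONNECT")
    for i in range(3):
        ts = (start + timedelta(seconds=10 * i)).strftime("%Y-%m-%dT%H:%M:%SZ")
        lines.append(f"{ts} src=198.51.100.7 dst=192.0.2.10 dport=443 action=CONNECT")
    lines.append("this line is not a valid log record")
    return lines


if __name__ == "__main__":
    for alert in detect_floods(build_sample_log()):
        print(f"ALERT flood from {alert['src']}: {alert['count']} connections "
              f"between {alert['first_seen']} and {alert['last_seen']}")
```

The alert fires the moment the count passes the threshold and is then suppressed for that source, which keeps a sustained flood from producing one alert per packet; a production rule would add a cool-down so the source is re-evaluated after the window has drained.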
Control strategies for securing the company’s web-based infrastructure
Several strategies can be applied to secure the company’s web-based infrastructure. One approach is to strengthen patch management and vulnerability assessment capabilities. These will help the company promptly identify vulnerabilities that need to be addressed and connect them to patches that can be deployed to databases, servers, endpoints, and applications to remediate them. Another strategy is to take advantage of Web Application Firewalls (WAFs). WAFs offer a vital line of defense for important applications and data by assessing user access to business-critical web applications and dealing with threats hidden in innocent-looking website traffic (Buecker et al., 2016). Unlike conventional firewalls, which mainly regulate traffic based on the ports and protocols it uses, a WAF regulates access to web applications using rules formulated to identify common attacks such as SQL injection and cross-site scripting.
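The rule-based inspection that distinguishes a WAF from a port-and-protocol firewall looks roughly like the following added example (my illustration, not code from the essay or from any WAF product). It normalizes each request parameter by URL-decoding it, then runs a small set of pattern rules for SQL injection and cross-site scripting and returns a block/allow decision with the matching rule identifiers. The rule set, rule names and sample requests are constructed for the example and are far smaller than a real signature set.

```python
import re
from urllib.parse import unquote_plus

# Constructed rule set: (rule id, compiled pattern). A real WAF ships hundreds
# of these and tunes them per application to control false positives.
RULES = [
    ("sqli-tautology", re.compile(r"'\s*(or|and)\s+'?\w+'?\s*=\s*'?\w+", re.I)),
    ("sqli-union-select", re.compile(r"\bunion\b\s+(all\s+)?select\b", re.I)),
    ("xss-script-tag", re.compile(r"<\s*script\b", re.I)),
    ("xss-event-handler", re.compile(r"\bon\w+\s*=", re.I)),
]


def normalize(value: str, max_rounds: int = 3) -> str:
    """URL-decode repeatedly (bounded) so that encoded payloads are inspected
    in the same form the application will see them."""
    current = value
    for _ in range(max_rounds):
        decoded = unquote_plus(current)
        if decoded == current:
            break
        current = decoded
    return current


def inspect_request(params: dict):
    """Run every rule over every parameter; return [(rule_id, param_name), ...]."""
    findings = []
    for name, raw in params.items():
        value = normalize(str(raw))
        for rule_id, pattern in RULES:
            if pattern.search(value):
                findings.append((rule_id, name))
    return findings


def waf_decision(params: dict):
    """Return ("block", findings) if any rule matched, else ("allow", [])."""
    findings = inspect_request(params)
    return ("block" if findings else "allow", findings)


if __name__ == "__main__":
    # Constructed sample requests: one benign search, one SQL-injection probe,
    # one URL-encoded script tag.
    samples = [
        {"q": "laptop stand"},
        {"id": "1' OR '1'='1"},
        {"comment": "%3Cscript%3E1%3C%2Fscript%3E"},
    ]
    for req in samples:
        verdict, hits = waf_decision(req)
        print(f"{verdict:5s} {req} {hits}")
```

Decoding before matching is the important step: a rule that only sees the raw, percent-encoded string will miss a payload the backend decodes. Each rule also needs tuning against legitimate traffic (the event-handler rule, for instance, will match any parameter that happens to contain a word starting with “on” followed by “=”), which is why WAF rollouts normally start in a log-only mode.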
Control strategies for securing the company’s database infrastructure
One way of securing the company’s database infrastructure is to use database firewalls. These firewalls deny traffic by default. The only traffic permitted to pass through must come from the specific application or web servers that require data access. The firewall must also prevent the database from initiating outgoing connections except where there is a specific requirement to do so (Tripathy, 2013). Another strategy is data encryption. Most companies encrypt data at rest, but in this case the company also needs to encrypt backup data. This data should then be stored in a different location from the decryption keys (not, for instance, stored in encrypted form next to the keys in plaintext). In addition to encrypting stored data, it is also vital to ensure that sensitive information moving over the network is encrypted, to safeguard the database against network-level threats (Tripathy, 2013). Tightly managing database access is yet another strategy. This entails minimizing the number of people who can access the database. For instance, administrators should be given only the minimum privileges they require to carry out their job functions, and only for as long as they require access.
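The database firewall policy described above (deny by default; inbound only from the named application and web servers, and only to the database port; no outbound connections from the database server unless explicitly required) can be written down and checked as a small policy evaluator. The following is an added example, not code from the essay or from any firewall product; the addresses (RFC 5737 documentation ranges), the port and the “explicitly required” backup destination are constructed for the example.

```python
import ipaddress

# Constructed policy for a hypothetical PostgreSQL-style database host.
DB_SERVER = ipaddress.ip_address("192.0.2.10")
DB_PORT = 5432
# Only these application/web servers may open inbound connections.
INBOUND_ALLOWED_SOURCES = [
    ipaddress.ip_network("192.0.2.20/32"),
    ipaddress.ip_network("192.0.2.21/32"),
]
# The one outbound flow with a documented requirement: pushing encrypted
# backups to an off-host backup target over TLS.
OUTBOUND_EXCEPTIONS = [
    (ipaddress.ip_network("192.0.2.50/32"), 443),
]


def evaluate(src: str, dst: str, dport: int):
    """Decide a single flow. Returns (verdict, reason)."""
    src_ip = ipaddress.ip_address(src)
    dst_ip = ipaddress.ip_address(dst)

    if dst_ip == DB_SERVER:                       # inbound to the database
        if dport != DB_PORT:
            return ("deny", "only the database port is exposed")
        if any(src_ip in net for net in INBOUND_ALLOWED_SOURCES):
            return ("allow", "inbound from approved application/web server")
        return ("deny", "inbound source is not on the allow list")

    if src_ip == DB_SERVER:                       # outbound from the database
        for net, port in OUTBOUND_EXCEPTIONS:
            if dst_ip in net and dport == port:
                return ("allow", "explicitly required outbound connection")
        return ("deny", "database server may not initiate outbound connections")

    return ("deny", "flow does not involve the database server (default deny)")


def evaluate_all(flows):
    """Evaluate a list of (src, dst, dport) tuples; handy for policy regression tests."""
    return [(flow, *evaluate(*flow)) for flow in flows]


if __name__ == "__main__":
    # Constructed test flows covering each branch of the policy.
    flows = [
        ("192.0.2.20", "192.0.2.10", 5432),   # app server -> DB: allow
        ("192.0.2.20", "192.0.2.10", 22),     # app server -> DB ssh: deny
        ("203.0.113.9", "192.0.2.10", 5432),  # unknown host -> DB: deny
        ("192.0.2.10", "203.0.113.9", 443),   # DB -> internet: deny
        ("192.0.2.10", "192.0.2.50", 443),    # DB -> backup target: allow
    ]
    for flow, verdict, reason in evaluate_all(flows):
        print(f"{verdict:5s} {flow[0]:>12s} -> {flow[1]}:{flow[2]:<5d} {reason}")
```

Keeping the policy as data (address lists and an exception table) rather than as ad-hoc rules makes it easy to review who may reach the database and to run the same checks against a change request before it is applied.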
Two (2) items for operating system security hardening procedures
One of the operating system security hardening procedures is program cleanup. It entails removing unnecessary programs. Each program is another possible entry point for an attacker, so cleaning them out restricts the number of ways in. The other procedure is the use of service packs. This involves keeping the organization’s operating system up to date and installing its most recent versions.
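Both hardening procedures reduce to comparing what is installed against a baseline: anything not on the approved list is a candidate for removal, and anything below the approved patch level is a candidate for updating. The following added example (not code from the essay) performs that comparison over a constructed inventory; the package names, versions and baseline are all made up for the example, and a real audit would populate the inventory from the platform’s package manager.

```python
def parse_version(version: str):
    """Turn '1.10.2' into (1, 10, 2) so versions compare numerically, not as strings."""
    return tuple(int(part) for part in version.split("."))


def audit_host(installed: dict, approved: set, minimum_versions: dict) -> dict:
    """Compare an installed-package inventory against a hardening baseline.

    installed:        {package name: installed version}
    approved:         packages that have a business reason to exist on the host
    minimum_versions: {package name: lowest patched version that is acceptable}
    """
    remove = sorted(name for name in installed if name not in approved)
    update = sorted(
        name for name, version in installed.items()
        if name in minimum_versions
        and parse_version(version) < parse_version(minimum_versions[name])
    )
    missing = sorted(name for name in approved if name not in installed)
    return {"remove": remove, "update": update, "missing": missing}


def is_compliant(report: dict) -> bool:
    """A host is compliant when nothing needs removing or updating."""
    return not report["remove"] and not report["update"]


if __name__ == "__main__":
    # Constructed inventory and baseline for a hypothetical server role.
    inventory = {
        "openssh-server": "9.2.1",
        "web-server": "2.4.50",
        "telnet-server": "0.17",       # unnecessary legacy service: remove
        "media-player": "3.0.1",       # no business need on a server: remove
        "database-client": "15.1",
    }
    approved_packages = {"openssh-server", "web-server", "database-client", "audit-agent"}
    baseline_versions = {"openssh-server": "9.2.1", "web-server": "2.4.57", "database-client": "15.0"}

    report = audit_host(inventory, approved_packages, baseline_versions)
    for action, names in report.items():
        print(f"{action:8s}: {', '.join(names) or '-'}")
    print("compliant:", is_compliant(report))
```

Separating “remove”, “update” and “missing” matters in practice: removals and updates are both hardening actions, while a missing approved package (here a hypothetical audit agent) is a sign the host was never fully provisioned rather than one that has drifted.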
Buecker, A., Campos, A., Cutler, P., Hu, A., Jeremiah, G., Matsui, T., & Zarakowski, M. (2016). Endpoint security and compliance management design guide using IBM Tivoli endpoint manager. IBM Redbooks.
Hesselman, C. (2019). Mobile wireless middleware, operating systems and applications – Workshops: Mobilware 2009 workshops, Berlin, Germany, April 28-29, 2009, revised selected papers. Springer Science & Business Media.
Kumar, R., Pattnaik, P., & Pandey, P. (2017). Detecting and mitigating robotic cyber security risks. IGI Global.
Tripathy, B. (2013). Advances in secure computing, internet services, and applications. IGI Global.
Yu, S. (2013). Distributed denial of service attack and defense. Springer Science & Business Media.