Hardening a device, system, or component can greatly reduce its attack surface. An example of physical hardening is sealing or monitoring the ports on a server. Software can be hardened by disabling unused or unnecessary ports and services (for example, disabling SSH when it is not in use).
The following are some of the security configuration settings that are validated in this DVD:
- Identification and authentication of users and integration with central authentication servers (for example, Active Directory)
- Authorization for users based on Role-Based Access Control (RBAC)
- Logging and auditing settings
- Using secure versions of protocols (for example, using HTTPS instead of HTTP)
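
The following is an added example, not part of the original document. It shows one way to check two of the points above, unused ports and services and secure protocol versions, by auditing a host's listening TCP sockets. The `ss -tlnH` output is constructed sample data, and the approved baseline and the cleartext-to-secure mapping are assumptions chosen for illustration.

```python
# Added example: audit listening TCP sockets against an approved baseline.
# SAMPLE_SS is constructed output in the format of `ss -tlnH`
# (State Recv-Q Send-Q Local-Address:Port Peer-Address:Port).
SAMPLE_SS = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 511 0.0.0.0:80 0.0.0.0:*
LISTEN 0 511 0.0.0.0:443 0.0.0.0:*
LISTEN 0 128 127.0.0.1:5432 0.0.0.0:*
LISTEN 0 128 [::]:23 [::]:*
"""

# Assumed baseline for this host: only HTTPS is meant to be reachable.
APPROVED_PORTS = {443}
# Cleartext services and the secure replacement to use instead (assumed list).
CLEARTEXT = {21: "SFTP/FTPS", 23: "SSH", 80: "HTTPS"}
LOOPBACK = ("127.", "[::1]")


def parse_listeners(ss_output):
    """Return a sorted list of (address, port) for each listening socket."""
    listeners = set()
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        addr, _, port = fields[3].rpartition(":")
        if port.isdigit():
            listeners.add((addr, int(port)))
    return sorted(listeners, key=lambda item: (item[1], item[0]))


def audit(ss_output, approved=APPROVED_PORTS):
    """Return findings as (port, address, reason) tuples."""
    findings = []
    for addr, port in parse_listeners(ss_output):
        if addr.startswith(LOOPBACK):
            continue  # not reachable from the network; review separately
        if port in CLEARTEXT:
            findings.append((port, addr, "cleartext protocol, use " + CLEARTEXT[port]))
        elif port not in approved:
            findings.append((port, addr, "not in approved baseline, disable if unused"))
    return findings


if __name__ == "__main__":
    for port, addr, reason in audit(SAMPLE_SS):
        print(f"{addr}:{port}: {reason}")
```

On a live host, pass the real output of `ss -tlnH` to `audit()` and set the baseline to the ports the system is actually meant to expose.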