|Comptia Security+ Certification Study Guide|
Security+ technicians need to fully understand the fundamentals of system hardening (also described as “locking down” the system). This knowledge is needed not only to pass the Security+ exam, but also to work in the field of information security. You will learn that the skills needed to detect breeches and exploits are an essential part of the security technician’s repertoire. The Security+ exam covers the general fundamentals of hardening. Operating system (OS) hardening covers important concepts such as locking down file systems, controlling software installation, and use and methods for configuring file systems properly to limit access and reduce the possibility of a breach. Some other steps to take to harden the OS include installing only protocols that are used, enabling only services that are needed, installing only the software that is needed and approved, and granting the minimum rights to users as required. Additional steps could be to limit the users’ ability to perform tasks they would not perform, such as installing unauthorized software, or changing Windows settings. In some cases, it may also be necessary to encrypt files on disk to further restrict access to sensitive data.