Complete Project Part 9 and 10: Secure Windows Applications Policy and submit it in the Submission area after submitting it through SafeAssign. Please include the screenshot showing successful complet

Running Head: HOW TO ADMINISTER SECURITY THROUGH HARDENING TECHNIQUES 0

Windows Hardening measures that help in solving certain security issues

Student Name:

Suma Sindhu.Pullela

Instructor Name:

Dr.CD Waters

Course Title:

Application Security

Institution Name:

University of Cumberland’s

Date:

06/12/2020

The term hardening delegates to the process of lowering the level of threats that is present to attackers. This measure is founded on the standard of ensuring that a PC framework is configured to perform specifically what one is expect perform under normal conditions and not additional things. However, hardening is considered an immanent portion of information security plus it entails the fundamental rule of prevention, the principle of disallowing, plus detection (Belding, 2019).

Issues to discourse

First issue: Previous attempts to protect user accounts have resulted in users writing long passwords down and placing them near their workstations. Users should not write down passwords or create passwords that attackers could easily guess, such as words founds in the dictionary.

When addressing the first issue, it would be important to strengthen very complicated passwords. For instance, the management should ensure that every organization members has taken part in training program that illustrates on the advanced security requirements. There should be implemented policies that will help ascertain if passwords should adhere to different procedures that are regarded vital for powerful passwords (Bhargava, 2015). The complicity may involve using passwords that have character taken from three distinct classes such as uppercase, lowercase characters, or Unicode letters. Nonetheless, the security standard should aim on ensuring that every member in the workstation is capable of adhering to the placed measures with a minimal studying curve. Also, passwords should be considered to have met the intricate measures if they have not less than eight characters combined. Furthermore, the length of a password makes it hard for attackers to gain access to any information.

Second issue: Every user, regardless of role, must have at least one unique user account. A user who operates in multiple roles may have multiple unique user accounts. Users should use the account for its intended role only.

On the other end, every user within the organization should utilize an account for its specific function to limit unauthorized persons from accessing or making alterations from different workstation. For example, if a PC contains an administrator account that is active, it would be important to develop more account by adhering with the management privileges via the Control Section. The measure will assist in making sure that participants who use accounts for many responsibilities manage to perform their tasks without offering them full administrative measures. Further, if a user had attempted to disable an account, it would be important to make the administrator account that is concealed in Windows 7 active. By doing this, it would be easy to recover control over the organization framework. Moreover, when disabling the secretive administrator it is vital to first develop another user administrator account hence proceed with opening the Command Prompt plus evaluating the next command to hide the account again (Lambert and Lambert, 2015).

Third issue: Anonymous users of the web server applications should only be able to access servers located in the demilitarized zone (DMZ). No anonymous web application users should be able to access any protected resources in the Always Fresh IT infrastructure.

Furthermore, it is vital for the management to understand completely how to ensure security of the server applications by comprehending intensively how firewalls function plus where they should be situated. Moreover, to solve the above issue it would be important to install a firewall atween the users Web server plus their interior network. For this issues, fixing web server with the demilitarized zone can help in making it easy to approach for unknown application hence again preventing the same individuals from gaining any access to the interior network (Hirsh, 2011). Generally, the firewalls will help in offering a prevention measure to the prevent network insecurity issues that may take place from externally from the server or internally from the organization server. Nevertheless, when this firewall is placed atween the web server and the interiorly connected network, it would help to prevent any traffic that is permitted to move from a certain point to another. Two firewalls would deny traffics that can interfere with the internal networks within the DMZ. This is where we have a single firewall linked to the web server of the organization while the next firewall linked to the internal network. Mostly, in case any external threat tries to gain approach to the Web server, then the other firewall would act and stop it from approaching the confidential company network (Hirsh, 2011).

Fourth issue: To protect servers from attack, each server should authenticate connections based on the source computer and user.

Lastly, when preventing servers from threats, it would be important to carry on a Kerberos authentic process for every server found within the corporate. This refers to the use of an advanced technology that can generate default authorization to the links created between a user and Pc (Petters, 2020). The technique offers a very powerful authentication to users plus servers found within any unreliable network. In this, the server that connects the source PC should be prevented, plus the user application be able to perform what a person is required to perform. Nevertheless, the Kerberos authentication method would assist to provide the security required for connections found on the PC plus the user (Petters, 2020).

In summary, by identifying and addressing how each hardening method can solve every listed problem, then the organization security administrator would know how to handle such issues when they happen in future. For example, the organization will have very strong Windows autherntication, connections, plus information access. Generally, these recommendations will assist to offer a more advanced state of security in Always Fresh Corporate.

References

Belding, G., (2019). Windows 10 Hardening Techniques - Security Boulevard. Retrieved June 11, 2020, from https://securityboulevard.com/2019/10/windows-10-hardening-techniques/

Bhargava, R., (2015). Why should I Enforce Password Complexity Requirements? - JumpCloud. Retrieved June 11, 2020, from https://jumpcloud.com/blog/reasons-to-implement-password-complexity-requirements

Hirsh, D., (2011). Understanding Firewalls and Their Role in Network Security. Retrieved June 11, 2020, from https://blog.se.com/datacenter/2011/08/19/understanding-firewalls-and-their-role-in-network-security/

Lambert, J., and Lambert, S., (2015). Manage User Accounts and Settings in Windows 10 | Microsoft Press Store. Retrieved June 11, 2020, from https://www.microsoftpressstore.com/articles/article.aspx?p=2453566

Petters, J., (2020). Kerberos Authentication Explained. Retrieved June 11, 2020, from https://www.varonis.com/blog/kerberos-authentication-explained/

Screenshots of lab completion steps