Security Architecture

MIS 5214 - Section 001 - David Lanter

MIS 5214.703 ■ Spring 2022 ■ David Lanter

My question to discuss with my classmates

March 9, 2022 by David Lanter 44 Comments

Filed Under: 09 - Host Hardening

Comments

  1. Ornella Rhyne says

    March 11, 2022 at 11:59 pm

    What are the common issues with patch management? Why do patches fail?

    Log in to Reply
    • Miray Bolukbasi says

      March 12, 2022 at 2:07 pm

      Common patch management problems include lack of management reports, unexpected failures, lack of mobile control, manual patching, compliance requirements, and the need for a patch provider.

      In order to avoid patch failures, organizations should have a strong security approach where they test patches before deploying to the network, prioritize them, and implement them well.

      Log in to Reply
    • Oluwaseun Soyomokun says

      March 16, 2022 at 1:35 am

      One of the possible reasons for a failed patch could be a compatibility issue with the existing software or applications in use. Also, weaknesses within the patch itself could be another reason for a failed patch.
      Yet another possibility is that, after installing the patch, the system administrator fails to reboot the systems to effect the patch on the applications or software.

      Log in to Reply
  2. Miray Bolukbasi says

    March 12, 2022 at 12:52 pm

    What are some of the risks that patches raise for firms?

    Log in to Reply
    • Matthew Bryan says

      March 12, 2022 at 3:14 pm

      Patches can affect the performance of hosts, causing them “to freeze or do other damage” (Boyle and Panko, Section 7.3.4). It’s important to test patches prior to rolling them out to production. In addition, administrators should consider the tradeoffs between security and reduced functionality before applying the patch. In some cases, patches can make the system harder to use by addressing the vulnerability.

      Log in to Reply
  3. Matthew Bryan says

    March 12, 2022 at 12:53 pm

    Why is it important that system administrators define the scope, timing, and receive approval prior to conducting a vulnerability scan?

    Log in to Reply
    • Miray Bolukbasi says

      March 12, 2022 at 1:37 pm

      Scope and Timing: Scope is significant to define prior to vulnerability scanning because the goal is to be quick and conduct a high-level assessment of vulnerabilities. The organization should decide what objects to scan to make sure it does not overlook essential networks and lose time or focus.

      Approval: Organizations and IT teams often need support from executives for investments and tools used to protect hosts. To establish a top-down approach, it is crucial that the IT team request executive approval. Once vulnerability scanning is performed, and changes are identified as necessary to help the organization, executives will understand and support them better.

      Log in to Reply
  4. Yangyuan Lin says

    March 12, 2022 at 11:30 pm

    Will virtual hosts be more secure?

    Log in to Reply
    • Oluwaseun Soyomokun says

      March 13, 2022 at 4:58 am

      Virtual hosts at the moment support communication through encrypted virtual private networks (VPNs), and communications between virtual machines on a secure VPN tunnel are likely to be exposed to popular attacks. I feel the virtual host environment is still much more secure for now… but things can change pretty fast, with technology and algorithm-complex attacks fast evolving.

      Log in to Reply
  5. Oluwaseun Soyomokun says

    March 13, 2022 at 4:53 am

    Any thoughts and opinions about what it would be like to patch a virtual infrastructure from common attacks?

    Log in to Reply
  6. Ryan Trapp says

    March 13, 2022 at 1:16 pm

    Does the use of Linux/Unix make a system inherently more secure than a system with Windows? Why or why not?

    Log in to Reply
    • Mohammed Syed says

      March 13, 2022 at 10:33 pm

      Because Linux and Unix are more secure than other operating systems. Linux is rarely infected by malware such as viruses, and it is a very secure OS. Linux has clearly defined privileges at multiple levels, thereby restricting access with its root-level access. In Linux, you can give lower levels of account with limited access to the user. Malware will not get root access to damaged systems.

      Log in to Reply
      • Amelia Safirstein says

        March 15, 2022 at 11:33 pm

        Great points, Mohammed! Though Linux implementations can often be more secure than Windows, the Windows interface and user tools are more user-friendly and familiar. This is one of the reasons that Windows is used in employee workstations more frequently.

        Log in to Reply
    • Michael Duffy says

      March 15, 2022 at 11:22 pm

      It depends on how often you update from the repo, as well as the consideration that most viruses are developed for Windows-based systems since there are more Windows users than Linux users. After scanning several systems for vulnerabilities that are UNIX-based, I have found they are often unpatched and disregarded when disconnected from a repo. Because of this, they become littered with arbitrary code execution vulnerabilities, etc.

      However, from a design level I would say it depends. UNIX is more secure due to its design philosophy if given in the right hands, especially because UNIX/Linux is extremely compartmentalized and allows you to troubleshoot anything that is failing within the system. It’s also open-source and allows users/developers to interact more within the community. I think if it’s put in the right hands, Unix would have the edge over Windows. However, Windows has been pushing security updates and convenience where it really comes down to the end user to determine if security is compromised.

      Log in to Reply
    • Alexander William Knoll says

      March 15, 2022 at 11:57 pm

      I would say that Linux/Unix are inherently more secure than Windows due to their target audience. Windows is designed to be very user friendly, hence being the most popular operating system in the world. Linux/Unix, on the other hand, are much more complicated operating systems. The smaller number of users would play a large factor, as well.

      Log in to Reply
  7. Jason Burwell says

    March 13, 2022 at 4:56 pm

    Why is it important that security be carefully considered from the initial planning stage of a new server?

    Log in to Reply
    • Mohammed Syed says

      March 13, 2022 at 10:33 pm

      If you are deploying a new server in your organization, you should follow up on information security rules, policies, and procedures because security should be carefully considered from the initial stage. Identify what your security needs are and how they impact the foundation of the security policies. Figure out what you can do to protect your organization, and ensure the security of the server is up-to-date and supports your organization’s network.

      Log in to Reply
    • Amelia Safirstein says

      March 15, 2022 at 11:38 pm

      Retroactively adding security measures is often significantly more expensive and less secure than considering security from the planning stages. Additionally, if security is considered from the initial planning stage and throughout all other stages, the team is less likely to miss smaller details that may affect security.

      Log in to Reply
  8. Elizabeth Gutierrez says

    March 13, 2022 at 6:54 pm

    How do you go about testing the strength of passwords?

    Log in to Reply
    • Shubham Patil says

      March 13, 2022 at 8:13 pm

      The strength of a password is determined by three things: the length of the character set used, the length of the password itself, and to a lesser extent, the variety in characters chosen. There are various free tools available online to check the strength of your password.

      Log in to Reply
    • Hang Nu Song Nguyen says

      March 15, 2022 at 10:01 am

      Hi Elizabeth,
      I think that an auditor should look at the password policy to determine whether the policy meets the minimum requirements of NIST 800-53 for password complexity. After that, the auditor will determine whether the constraints for setting up a password match the policy. Then, the auditor provides a sample test. However, the auditor should consider other factors, such as how many times a wrong password may be entered, and multi-factor authentication to protect data.

      Log in to Reply
    • Ryan Trapp says

      March 15, 2022 at 11:36 am

      You can test the strength of passwords by using what is known as a dictionary attack. This is the process of checking the password against a list of commonly used passwords. Often if the password is simple enough it will be in one of these lists. Also you can test the strength by trying to brute force the password. If the password is short in length and does not contain a variety of characters then it will not take modern computers very long to crack.

      Log in to Reply
    • Alexander William Knoll says

      March 16, 2022 at 12:04 am

      A good tool for testing the strength of your password is the website passwordmonster.com. When inputting the name of my dog Jack, the password will take .01 seconds to crack, according to the website. It is widely recommended to use a much more complex password that doesn’t utilize common dictionary words, uses an assortment of uppercase & lower case letters, symbols, & numbers. Using the completely random password Fd6@4kOpL)4bZ[1 increases the cracking time to 188 billion years, according to the site.

      Log in to Reply
  9. Shubham Patil says

    March 13, 2022 at 8:10 pm

    What security protections do recent versions of this operating system offer?

    Log in to Reply
    • Mohammed Syed says

      March 13, 2022 at 10:34 pm

      Section 7.2 stated that the early versions, such as Windows Server NT, had poor security. The later versions of Windows Server, such as Windows Server 2016 and 2019, are much more secure. Windows 10 released Microsoft Edge, a web browser, a virtual desktop system, and a desktop management feature called Task View. It supports fingerprint and face recognition login and has security features for enterprise environments.

      Log in to Reply
  10. Mohammed Syed says

    March 13, 2022 at 10:34 pm

    How can you test for vulnerabilities with Windows Server?

    Log in to Reply
    • Hang Nu Song Nguyen says

      March 15, 2022 at 10:13 am

      From my understanding of Windows, I think that an auditor should start by scanning the Remote Desktop Protocol. Then the auditor looks at the firewall, firewall configuration, and DNS logs. Because Windows permissions are based on roles/groups, the auditor should review whether the permissions are set up correctly, as well as group changes.

      Log in to Reply
  11. Michael Duffy says

    March 13, 2022 at 10:57 pm

    How can the organization assess the risk for information systems that cannot implement vendor security patches?

    Log in to Reply
    • Hang Nu Song Nguyen says

      March 15, 2022 at 10:42 am

      Hi Mike,
      Please check this article from ISACA:
      https://www.isaca.org/resources/isaca-journal/issues/2019/volume-3/practical-patch-management-and-mitigation
      It will give you a better explanation than I can.
      “The main problem with these types of agent solutions, apart from possible technical issues relating to performance and availability, is that many vendors do not allow an agent from a third party (e.g., a security vendor) to run on their system in parallel to their own applications. If an administrator installs an agent on a vendor system without vendor consent, then the vendor can easily blame any problem on the agent and effectively void any warranty or support clause. The enterprise can end up with a secure but unusable or unsupported system.”

      Log in to Reply
  12. Amelia Safirstein says

    March 13, 2022 at 11:48 pm

    The Pentasafe Security Technologies survey in chapter 7 of our book found that out of 15.000 employees in 600 organizations, fifty percent used the names of family members and thirty percent used the names of pop idols or sports heroes as their passwords. How would you convince the staff of your organization to use more random and secure passwords?

    Log in to Reply
    • Corey Arana says

      March 14, 2022 at 3:34 pm

      I would add this into the password policy, stating names are not able to be used in passwords. Sounds difficult but I would also create a list of names that the system would not accept in passwords. Brady, Lebron and Drake just to name a few would be denied.

      Log in to Reply
  13. Joshua Moses says

    March 14, 2022 at 12:35 am

    Can you name at least two different ways to harden a system?

    Log in to Reply
    • Corey Arana says

      March 14, 2022 at 3:19 pm

      Use strong passwords/strict password policies and set up backups.

      Log in to Reply
    • Elizabeth Gutierrez says

      March 14, 2022 at 5:40 pm

      Hi Joshua,
      I agree with Corey that implementing backups and strong passwords are essential in hardening a system. However, I would not overlook the importance of using patch management tools to apply OS updates and patches automatically. In addition, application control event logs should be centrally stored and protected from unauthorized modification and deletion and monitored for signs of compromise. By configuring assets in line with security best practices, tools, and techniques, it will reduce its exposure to security vulnerabilities.

      Log in to Reply
    • Shubham Patil says

      March 15, 2022 at 9:59 pm

      Joshua,

      Here are two ways by which you can harden a system:

      1. Operating System Hardening
      Operating system (OS) hardening involves adding security features to your OS to make it more secure. While operating systems are secure by nature, hardening them makes them even more secure. OS hardening involves patching and applying advanced security measures to protect a server’s OS.

      2. Network Hardening
      Network devices that include SANs, routers, load balancers, and gateways, to name a few, are highly prone to cyberattacks, as they are most exposed to attack vectors. Network hardening refers to the usage of network protection techniques to protect the network from unauthorized users.

      Log in to Reply
  14. Hang Nu Song Nguyen says

    March 14, 2022 at 7:35 am

    How different is permission management between Microsoft and Unix/Linux?

    Log in to Reply
    • Bryan Garrahan says

      March 15, 2022 at 10:31 am

      Windows has the ability to provide users/groups with full control, modify, read & execute, list folder contents, read, and write permissions, while Unix/Linux OSs can provide users with only read, write, and execute permissions. Additionally, there is no limit to how many users and groups can be assigned to a particular directory in Windows. However, in Unix/Linux, permissions can be applied to only three different entities: the owner, a single group, and everyone else.

      Log in to Reply
  15. Corey Arana says

    March 14, 2022 at 3:29 pm

    The chapter tells us what shoulder surfing and physical keyloggers are. Can anyone tell me what other types of password threats are out there?

    Log in to Reply
    • Elizabeth Gutierrez says

      March 14, 2022 at 5:34 pm

      Hi Corey,
      Other than shoulder surfing and physical keyloggers, the other password threat noted in the chapter was keystroke capture and password-stealing programs. Boyle and Panko define keystroke capture as a program that “steals passwords as the user types them in and sends the keystrokes to the attacker.” The attacker has two options – to mine the keystroke data for account names and passwords or present the user with a fake login screen and have them log in again to obtain the information.

      Log in to Reply
  16. Bryan Garrahan says

    March 14, 2022 at 8:25 pm

    How often would you recommend an administrator review user/group access to critical administrator functions such as production access to deploy changes in production? Should these types of access be reviewed on a more frequent basis than user/group access to an application with minimal user capabilities?

    Log in to Reply
  17. Alexander William Knoll says

    March 14, 2022 at 11:37 pm

    Why do some organizations still not enforce strong password policies given how easy they are to enforce and how effective they have proven to be?

    Log in to Reply
    • Amelia Safirstein says

      March 15, 2022 at 2:14 am

      I think that in some cases, especially with smaller businesses/start-ups, security isn’t a main concern. Good security practices often aren’t seemingly needed for the business operations, so they are forgotten about or skipped over to use time/efforts elsewhere. Additionally, with smaller companies, there can be a sentiment of “That won’t happen to us. We aren’t a big enough target.” sometimes followed by “That definitely won’t happen to us again. What are the chances?”

      Log in to Reply
    • Yangyuan Lin says

      March 15, 2022 at 10:14 am

      I agree with what Amelia said, that startup businesses are more focused on business development. And I think one of the reasons is the lack of staff training. Strong passwords are not just long passwords. For example, adding numbers to the password (password123456789), entering the password twice (passwordpassword), and using prefixes and suffixes (passworded & postpassword) can all be considered “strong passwords” by employees because these passwords are long and look very complex. However, it is actually very easy to crack such passwords with hybrid dictionary attacks. Such password settings will increase the information security risk of the enterprise.

      Log in to Reply
      • Alexander William Knoll says

        March 15, 2022 at 11:53 pm

        Yeah, I definitely agree with both of you. In the case of small businesses/start-ups, I guess security is one of the last concerns, basically because there’s just so much more to worry about. It would probably be nearly impossible to ever convince a local sandwich shop that they should care about security. As far as complex passwords, it’s becoming more and more apparent that the “complex” requirements really do not make the password much more difficult to crack.

        Log in to Reply
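
Added example, not part of any comment in this thread: a sketch of the password-policy check implied by the name denylist suggested under question 12 and the hybrid patterns (appended digits, doubled word, prefix/suffix) listed under question 17. The denylist, affix list, function names and 12-character minimum are assumptions constructed for illustration; the sample passwords are the ones quoted in the comments.

```python
import re

# Constructed sample data: a real policy would load a large list of
# common passwords and names instead of this handful.
DENYLIST = {"password", "jack", "brady", "lebron", "drake"}
AFFIXES = ("ed", "post", "pre", "my", "the")  # assumed common affixes


def _undouble(word):
    """Return one half if the word is the same string typed twice."""
    half = len(word) // 2
    if len(word) % 2 == 0 and word[:half] == word[half:]:
        return word[:half]
    return None


def find_weak_base(password):
    """Return (base_word, trick) when password is a denylisted word in disguise."""
    lowered = password.lower()
    # Strip digits/symbols stuck on the front or back of the word.
    core = re.sub(r"^[^a-z]+|[^a-z]+$", "", lowered)
    forms = [(lowered, "exact match")]
    if core != lowered:
        forms.append((core, "digits/symbols added"))
    half = _undouble(core)
    if half:
        forms.append((half, "word repeated"))
    for affix in AFFIXES:
        if len(core) > len(affix):
            if core.startswith(affix):
                forms.append((core[len(affix):], f"prefix '{affix}'"))
            if core.endswith(affix):
                forms.append((core[:-len(affix)], f"suffix '{affix}'"))
    for form, trick in forms:
        if form in DENYLIST:
            return form, trick
    return None


def check_password(password, min_length=12):
    """Policy decision as (accepted, reason); min_length is an assumed value."""
    if len(password) < min_length:
        return False, "shorter than minimum length"
    hit = find_weak_base(password)
    if hit:
        return False, f"derived from '{hit[0]}' ({hit[1]})"
    return True, "ok"


if __name__ == "__main__":
    for pw in ("Jack", "password123456789", "passwordpassword",
               "passworded", "postpassword", "Fd6@4kOpL)4bZ[1"):
        print(f"{pw!r:22} -> {check_password(pw)}")
```

Length alone passes four of the six samples; the normalisation step is what rejects them.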

Fox School of Business
