Assignment: System Hardening
Scenario
After the productive team meeting, Fullsoft's CTO engages in further analysis and establishes a plan to mitigate risks, threats, and vulnerabilities. As part of the mitigation plan, you and your team members will configure baseline security on all workstations. You will ensure that the antivirus software is running properly, remove unnecessary software and services, and implement a control related to password hacking attempts. You have been asked to train a new employee by demonstrating how to implement system hardening on a local workstation.
Tasks
Ensure that you are logged in as an administrator. Using a computer that has Windows 7* installed:
o Review the antivirus program and ensure it is up to date and running a full scan of the system.?
o Disable at least five unnecessary services from the default installation of Windows 7.?
o Configure audit logging to identify all failed password attempts into the system.?
* If possible, complete these tasks using a personal computer with the default installation of Windows 7. If you do not own the necessary hardware and software, consult with your Instructor about alternatives. After your work on this project is complete, you may need to return the settings to the previous configuration.?Then, for the employee you are training, write a summary of what you did and explain why system hardening is important. Include the following:
Summary?
o Explain how you ensured the antivirus program is updated and running a full scan of the system; describe anything significant you observed?
o Explain how you removed unnecessary services from the default installation of Windows 7, noting the five (or more) services by name and function?
o Explain how you configured audit logging to record all failed password attempts into the system. Rationale?
- Share an example of an IT security policy, standard, procedure, and guideline that relates to the system-hardening steps you have implemented?
o Explain the purposes of system hardening in terms of the company's overarching goal of maintaining information systems security.?
As a reminder,you may use the book for this course and the Internet to conduct research. You are encouraged to respond creatively, but you must cite credible sources to support your work.
Project Part 2 should be submitted in the following format and style:
o Format: Microsoft Word?
o Font: Arial, Size 12, Double-Space?
o Citation Style: Follow your school's preferred style guide?
o Length: 1-2 pages?
Self-Assessment Checklist?
· I have summarized the system-hardening steps I implemented on a computer using Windows 7, including:
o How I ensured the antivirus software is running properly?
o How I removed at least five unnecessary services, noting the services by name and
o function?
o How I configured audit logging of all failed password attempts
· I have provided an example to illustrate how system hardening relates to a company's IT security policy framework and explained the purposes of system hardening in terms of the company's overarching goal of maintaining information systems security?
I have conducted adequate independent research for this part of the project?