
Operating Systems Hardening

The intent of the Operating Systems Hardening Knowledge Unit is to provide students with the ability to apply methods such as managing applications, services, and network ports to improve the robustness of operating systems.

Topics

  1. Removing unnecessary components
  2. User restrictions (access and authorizations)
  3. Describe, for a given OS, the steps necessary for hardening the OS with respect to various applications.
  4. Vulnerability Scanning

Outcomes

  1. Describe, for a given OS, the steps necessary for hardening the OS with respect to various applications.
  2. Securely install a given OS, remove or shut down unnecessary components and services, close unnecessary ports, and ensure that all patches and updates are applied.
  3. Vulnerability Scanning

KSA-T

Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.
Learn more about the KSA-Ts.

Knowledge

ID DESCRIPTION
K0167 Knowledge of system administration, network, and operating system hardening techniques.
K0122 Knowledge of investigative implications of hardware, Operating Systems, and network technologies.
K0205 Knowledge of basic system, network, and OS hardening techniques.
K0070 Knowledge of system and application security threats and vulnerabilities (e.g., buffer overflow, mobile code, cross-site scripting, Procedural Language/Structured Query Language [PL/SQL] and injections, race conditions, covert channel, replay, return-oriented attacks, malicious code).
K0089 Knowledge of systems diagnostic tools and fault identification techniques.
K0106 Knowledge of what constitutes a network attack and a network attack's relationship to both threats and vulnerabilities.
K0177 Knowledge of cyber attack stages (e.g., reconnaissance, scanning, enumeration, gaining access, escalation of privileges, maintaining access, network exploitation, covering tracks).
K0206 Knowledge of ethical hacking principles and techniques.
K0342 Knowledge of penetration testing principles, tools, and techniques.
K0119 Knowledge of hacking methodologies.
K0572 Knowledge of the functions and capabilities of internal teams that emulate threat activities to benefit the organization.
K0310 Knowledge of hacking methodologies.

Skills

ID DESCRIPTION
S0121 Skill in system, network, and OS hardening techniques (e.g., remove unnecessary services, password policies, network segmentation, enable logging, least privilege, etc.).
S0001 Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems.
S0242 Skill in interpreting vulnerability scanner results to identify vulnerabilities.

Abilities

ID DESCRIPTION
A0016 Ability to facilitate small group discussions.
A0017 Ability to gauge learner understanding and knowledge level.
A0092 Ability to identify/describe target vulnerability.

Tasks

ID DESCRIPTION