Unit 13 - System Hardening
Overview
In this unit, we focus on system hardening — the process of configuring Linux systems to meet defined security standards. As threats evolve, system administrators play a key role in ensuring confidentiality, integrity, and availability by reducing attack surfaces and enforcing secure configurations.
We will explore industry benchmarks like STIGs and CIS, implement hardening techniques for services like SSH, identify unneeded software, and analyze system security posture using tools like the SCC Tool. You’ll also revisit baselining and documentation as part of security validation and compliance.
Learning Objectives
By the end of this unit, you will be able to:
- Define system hardening and understand its role in securing Linux servers
- Scan systems using the SCC Tool to assess security compliance
- Apply remediation steps based on STIG reports
- Harden services such as SSHD, remove unnecessary software, and lock down ports
- Rescan and verify improvements in your system’s security posture
- Understand the importance of documentation and change management in security
Key Terms and Definitions
- Hardening
- Pipeline
- Change Management
- Security Standard
- Security Posture
- Acceptable Risk
- NIST 800-53
- STIG
- CIS Benchmark
- OpenSCAP
- SCC Tool
- HIDS
- HIPS