System Hardening
Unlock the complete study guide + 1,040 practice questions across 16 full exams.
Bundled into the existing Certified in Cybersecurity premium course — no separate purchase.
Included in this chapter:
- Hardening and the attack surface
- Configuration management and the baseline
- Patch management: the update lifecycle
- Core hardening practices
- Exam-pattern recognition
The core hardening activities and what each one reduces
| Activity | What you do | What it reduces |
|---|---|---|
| Least functionality | Uninstall unused software, disable unused services and ports | Attack surface from features that need not run |
| Remove default accounts | Delete or disable built-in and sample accounts | Known-target accounts an attacker can try |
| Change default credentials | Replace every factory password with a strong one | Easily guessed, publicly documented logins |
| Apply a baseline | Configure to an approved hardening standard (e.g. CIS Benchmark) | Inconsistent, ad-hoc per-machine settings |
| Patch management | Test and apply vendor updates on a schedule | Open, known vulnerabilities flaws fixes exist for |
| Configuration monitoring | Check running systems against the baseline | Configuration drift away from the secure state |
Cheat sheet
Unlock with Premium — includes all practice exams and the complete study guide.