Controls

Terug naar overzicht
Version

SB.16.005 Service Hardening

Medium
Medium
Medium
System Hardening
System Owner
v2.0 (Q1 2024)

Description

Services run under their own account with minimal necessary privileges .

Only necessary services run on production servers, and are only accessible to necessary interfaces using Host-based Firewalls.

All services are maintained and kept up-to-date.

For each running service on servers, hardening guides are followed and deviations from hardening guides due to business requirements are documented.
Local Firewall rules limit service traffic to ports filtered as restrictive as possible.

Specification

For non-Windows servers, applications are running within a jail/chroot environment. When impossible, running Linux applications are secured by SELinux or AppArmor.

Specification

ISO

For non-Windows servers, applications are running within a jail/chroot environment. When impossible, running Linux applications are secured by SELinux or AppArmor.

 

NBA