1 00:00:00,520 --> 00:00:02,900 In this section of the course, we're going to discuss 2 00:00:02,900 --> 00:00:05,210 hardening your operating system, but what 3 00:00:05,210 --> 00:00:06,920 exactly is hardening? 4 00:00:06,920 --> 00:00:09,400 Hardening is the act of configuring an operating system 5 00:00:09,400 --> 00:00:12,780 securely by updating it, creating rules and policies 6 00:00:12,780 --> 00:00:15,020 to govern it, and removing unnecessary 7 00:00:15,020 --> 00:00:17,230 applications and services. 8 00:00:17,230 --> 00:00:19,220 Let's take a look at an example of hardening 9 00:00:19,220 --> 00:00:20,590 in the real world. 10 00:00:20,590 --> 00:00:22,920 Let's say you have a couple of errands to run today. 11 00:00:22,920 --> 00:00:25,420 First, you get in your car and you go to the electronics 12 00:00:25,420 --> 00:00:28,230 store and you buy yourself a brand new laptop. 13 00:00:28,230 --> 00:00:30,630 You leave the store, you put the laptop in the backseat 14 00:00:30,630 --> 00:00:33,290 of your car, and you drive to the grocery store. 15 00:00:33,290 --> 00:00:36,050 Now, as you park your car at the grocery store, you're going 16 00:00:36,050 --> 00:00:38,750 to do a few things to harden your car in an attempt 17 00:00:38,750 --> 00:00:41,590 to prevent somebody from stealing your new laptop. 18 00:00:41,590 --> 00:00:44,350 First, you might roll up the windows so they can't reach in 19 00:00:44,350 --> 00:00:45,740 and take it easily. 20 00:00:45,740 --> 00:00:48,360 Next, you'll lock the doors so they can't simply open 21 00:00:48,360 --> 00:00:50,400 the door while you're in the store. 22 00:00:50,400 --> 00:00:53,960 Finally, you set the car alarm so if anyone tries to get in, 23 00:00:53,960 --> 00:00:57,500 the lights will flash and the horn will honk loudly. 24 00:00:57,500 --> 00:01:00,050 You did all of this and does that mean you're ensuring 25 00:01:00,050 --> 00:01:01,760 your laptop won't get stolen? 26 00:01:01,760 --> 00:01:04,670 Well, of course not, because I could simply break your window 27 00:01:04,670 --> 00:01:06,390 and take your laptop. 28 00:01:06,390 --> 00:01:09,830 After all, we're not guaranteed security here, but instead, 29 00:01:09,830 --> 00:01:12,930 what we've done is minimized the risk of theft by performing 30 00:01:12,930 --> 00:01:14,570 some hardening actions. 31 00:01:14,570 --> 00:01:16,930 The same holds true in the world of computers. 32 00:01:16,930 --> 00:01:19,660 We can mitigate the risk by minimizing the vulnerabilities 33 00:01:19,660 --> 00:01:23,500 in an effort to reduce our exposure to threats, but we can't 34 00:01:23,500 --> 00:01:25,490 eliminate the risk completely. 35 00:01:25,490 --> 00:01:28,500 Risk can only be minimized because there's always some kind 36 00:01:28,500 --> 00:01:32,150 of threat and some kind of vulnerability in a given system. 37 00:01:32,150 --> 00:01:34,820 Even if I have a new computer with all the latest software 38 00:01:34,820 --> 00:01:37,820 patches and excellent anti-malware solution on it, 39 00:01:37,820 --> 00:01:40,280 a zero-day vulnerability could still be discovered 40 00:01:40,280 --> 00:01:42,670 and exploited by a malicious actor. 41 00:01:42,670 --> 00:01:45,060 In this section, we're going to be focused on hardening 42 00:01:45,060 --> 00:01:48,643 our systems and minimizing vulnerabilities.