Academic Integrity: tutoring, explanations, and feedback — we don’t complete graded work or submit on a student’s behalf.

Part 3 Host Device Security Configuration At the end of the report, Lynis provid

ID: 3754745 • Letter: P

Question

Part 3 Host Device Security Configuration At the end of the report, Lynis provides example security settings. For the following suggestions, explain what settings should be changed or applied in order to secure the host properly and why these configurations are necessary. User Authentication: Minimum Password Age User Authentication: Maximum Password Age USB Devices: Checking USBGuard SSH Support: MaxAuthTries SSH Support: MaxSessions » » SSH Suppoert: PermitRootLogin » Banner and Identification: Issue.net Contents

Explanation / Answer

Hi,

Read the suggestions Lynis provides you after the security audit.

Please find the answers in-line:

User Authentication: Minimum Password Age
User Authentication: Maximum Password Age

#
Password aging means a password can only be used for a specific duration of time before the user has to change it again. This rule enforces them to change it on a regular basis. Regular changes to the password , limits the risk of cracking passwords or being obtained by unauthorized people.

USB Devices: Checking USBGuard

#
USBGuard is a software framework for implementing USB device authorization policies,and USB use policies i.e how a USB device may interact with the system. USBGaurd protects the sustem from USB related attacks. USBGuard is designed to protect your computer against rogue USB devices. It is better to install it to harden the system.

Consider hardening the SSH Configuration:

SSH Support:MaxAuthTries

Example : MaxAuthTries (6 --> 2)
In strict sense reduce the max auth re tries.

SSH Support: MaxSessions

Example:
MaxSessions (10 --> 2)

Shown a suggestion to reduce the number. Lower sessions is good for system performance.

SSH Support: PermitRootLogin

PermitRootLogin Yes -> No

Banner and Identification: Issue.net Contents.

Add a legal banner to /etc/issue, to warn unauthorized users.
Make users aware that systems are monitored by legal requirements or law.

Related Questions

Part 2: Velocity of t e waves which form a standing wave on a string Procedure:
Question #1870343
Part 2: Volcanic hazards in the Pacific Northwest Use information on the Web to
Question #112880
Part 2: Wentworth Medical Center As part of a long-term study of individuals 65
Question #3242635
Part 2: Wentworth Medical Center As part of a long-term study of individuals 65
Question #3257352
Part 2: Which of the following affect the soundness of your decision? 1. Drivers
Question #1873028
Part 2: Work Done to Speed Up an Object In this part of the lab, you will amount
Question #2076369
Part 2: Work with a database Using the myco database in the Drop Box (myco.accdb
Question #3727180
Part 2: Write Ahead Log For each question use below table as the last snapshot f
Question #3890202
Hire Me For All Your Tutoring Needs
Integrity-first tutoring: clear explanations, guidance, and feedback.
Drop an Email at
drjack9650@gmail.com
Chat Now And Get Quote

Navigate

Previous
Part 3 For part 3, you will write a function called fire (), which gives the res
Next
Part 3 If you have not already, at some point in your career you will likely nee

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.