Closed FH089 closed 3 years ago
Thanks for the links. I skimmed the IT-Grundschutz Compendium very quickly, and it seems to be quite high-level, not entering into technical details (although it touches a huge number of topics). Is there a specific part about hardening? (I haven't found it).
As for the RUAG report, the recommendations are good; however, we may have similar ones in many APT-related reports. I'm not sure I'll keep it in this list, or maybe I should create a specific section about how to secure systems against this kind of APT attack.
I think the APT report can be deleted; this repo does not deal with incident response, protecting networks against APT attacks or malware analysis.
Have a look at the chapter SYS.1.2.2: Windows Server 2012 (page 452). There are no configurations that can be adopted 1 to 1, but requirements are defined. For example:
SYS.1.2.2.A8 Protection of System Integrity: Secure boot SHOULD be active. AppLocker SHOULD be enabled and configured as stringently as possible. The effects of changes SHOULD be tested in advance.
From this requirement, I can learn about configurations that protect the integrity of the system.
All requirements that have to do with systems of any kind will start with SYS from page 438 onwards.
Hey, I will close the PR.
Both documents do not give specific tips but can be useful for orientation.