Discuss the following, supplying citations to support any information that you provide. Do not include your opinion, only what you can support with a citation. Address the following topics.
- Describe operating system hardening
- Define it
- Why is it done?
- What steps are usually done in a Windows environment?
- Describe system restoration methods and procedures
- Define it
- Why is it needed?
- What tools and approaches are recommended?
- Describe network security controls
- Define it
- Why is it needed?
- What steps, tools, and policies are used to secure networks?
- Describe incident response teams and the role of evidence
- What are incident response teams and why do they exist?
- How does evidence collection relate to incident response teams?
- Discuss evidence
- Describe why evidence is collected,
- How it should be collected
- What can happen if it is collected or handled in an inappropriate way