Chapter 19

Configuring and Implementing Endpoint Security Controls

This chapter covers the following topics:

  • Hardening Techniques: This section covers removing unneeded services, disabling unused accounts, using images/templates, removing end-of-life devices, removing end-of-support devices, local drive encryption, enabling the no execute (NX)/execute never (XN) bit, disabling central processing unit (CPU) virtualization support, secure encrypted enclaves/memory encryption, shell restrictions, and address space layout randomization (ASLR).

  • Processes: This section covers patching of firmware and applications, logging, and monitoring.

  • Mandatory Access Control: This section covers Security-Enhanced Linux (SELinux)/Security-Enhanced Android (SEAndroid), ...

Get CompTIA Advanced Security Practitioner (CASP+) CAS-004 Cert Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial