Third Defensive Layer: Set the Rules for the Playground
This layer and the next could just as easily be considered layers 3a and 3b. In this layer, we attempt to prevent an attacker from exploiting holes in applications or the operating system to launch applications. In the next layer, we look into preventing an attacker who has successfully escalated his privileges from accessing stored data.
Applying the latest security patches will prevent an attacker from using known exploits to compromise your system. Running workstations and servers without patching them or letting patches sit uninstalled for a prolonged period is a recipe for disaster. It is like leaving a ladder outside the house that a potential burglar can use to break ...