Fullsoft's emphasis on mitigating security risk and protecting system-sensitive data required the team to configure a baseline of security controls on every Windows 7 or Windows 10 workstation. The main objective was to ensure the effective functioning of the antivirus software and to implement a critical control against password hacking attempts. Furthermore, the team needed to continuously monitor, improve and test other countermeasures to improve the overall security posture. Therefore, the team adopted the security approaches needed to review the security system and improve data security on all the workstations.
Antivirus Program Review
Firstly, the team had to review the antivirus program and confirm its effectiveness. The following steps ensured that the antivirus software was working efficiently. The team needed to update the antivirus software to the newest version and verify it, so that it would carry the most recent virus definitions. Regular updates guarantee protection against the latest virus threats. The team also needed to enable automatic updates: the antivirus program had to be configured so that the software stays current even when manual updates are overlooked (Kenfack et al., 2023). In addition, the system required scheduled scans, which are essential for detecting and eliminating viruses regularly (Babatunde et al., 2022). Therefore, the team checked the performance of the antivirus system, ensured that automatic updates were enabled, and scheduled quick scans to run daily so that the system addressed significant security threats in time.
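The review steps above can be expressed as a check followed by a remediation. The following PowerShell is an added example, not part of the original report: it assumes Microsoft Defender Antivirus on Windows 10 (the report names no product), and the function names, age limits, update interval and scan time are assumptions.

```powershell
# Added example, not part of the original report. Assumes Microsoft Defender Antivirus
# on Windows 10; run elevated. Age limits, the 4-hour interval and 12:00 are assumed values.
function Test-AntivirusBaseline {
    param([int]$MaxSignatureAgeDays = 1, [int]$MaxQuickScanAgeDays = 1)

    $status   = Get-MpComputerStatus
    $prefs    = Get-MpPreference
    $findings = @()

    if (-not $status.AntivirusEnabled)          { $findings += 'Antivirus engine is not enabled' }
    if (-not $status.RealTimeProtectionEnabled) { $findings += 'Real-time protection is off' }
    if ($status.AntivirusSignatureAge -gt $MaxSignatureAgeDays) {
        $findings += "Definitions are $($status.AntivirusSignatureAge) days old"
    }
    # QuickScanAge is a very large number when no quick scan has ever completed.
    if ($status.QuickScanAge -gt $MaxQuickScanAgeDays) {
        $findings += 'No quick scan within the allowed window'
    }
    # 0 means no explicit update interval has been set on this workstation.
    if ($prefs.SignatureUpdateInterval -eq 0) {
        $findings += 'No explicit definition-update interval is set'
    }
    $findings
}

function Set-AntivirusBaseline {
    Update-MpSignature                            # pull the newest definitions now
    Set-MpPreference -SignatureUpdateInterval 4   # then check for updates every 4 hours
    # Daily quick scan at 12:00 local time.
    Set-MpPreference -ScanParameters QuickScan -ScanScheduleDay Everyday -ScanScheduleTime '12:00'
}

$issues = @(Test-AntivirusBaseline)
if ($issues.Count -gt 0) {
    $issues | ForEach-Object { Write-Warning $_ }
    Set-AntivirusBaseline
    # Scan age stays stale until the next scheduled scan, so expect that finding to remain.
    Test-AntivirusBaseline | ForEach-Object { Write-Warning "Still open: $_" }
} else {
    Write-Output 'Antivirus baseline is met.'
}
```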
Audit Logging Configuration
Audit logging configuration is important because it records all failed password attempts, a proactive security measure in the current digital age. Auditing enables the monitoring of potential unauthorized access attempts to the workstation systems, so that a threat can be detected and mitigated in its initial stages before it harms the systems (Pattanayak et al., 2022). The team audited and safeguarded the system to guarantee that sensitive data was protected from being accessed by an unauthorized person, which improved the system’s integrity. The practice is essential because it strengthens cybersecurity efforts and demonstrates compliance with digital regulations (Kenfack et al., 2023). Therefore, the team configured the audit logging, confirmed that all the failed password attempts in the system were recorded, and put effective measures in place to avoid the threat of an unauthorized person accessing the system. The approach enabled the team to monitor potential unauthorized access attempts and provide long-lasting solutions that protected the system from illegal entry.
Addressing Security Events
After the baseline security configuration had been in place for 24 hours, the team checked the logged events to evaluate the security events. The evaluation needed to reveal any existing loopholes in the security system so that they could be addressed. The team discovered two problematic events: multiple failed login attempts and malware quarantine. Firstly, the team found that multiple failed login attempts had come from different IP addresses (Kenfack et al., 2023). The problem indicated a possible brute-force password hacking attempt by fraudsters. In response, numerous measures were taken. The team blocked the suspicious IP addresses at the firewall to prevent further login attempts to the system. Besides, the password policy was strengthened to enforce password complexity requirements and account lockout policies, which prevented such forms of attack (Pattanayak et al., 2022). The team also ran user awareness training to educate the system users on recognizing suspicious login and phishing attempts and to emphasize strong passwords.
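The audit-and-review loop described in the last two sections, as an added PowerShell example that is not part of the original report: it enables failed-logon auditing, sets an account lockout policy, and summarises 24 hours of failed logons by source address. The lockout values, the 10-failure threshold and the function name Get-FailedLogonSummary are assumptions.

```powershell
# Added example, not part of the original report. Run elevated, PowerShell 3.0 or later.
# Assumed values: lockout after 5 bad passwords for 30 minutes, alert at 10 failures.

# Record failed and successful logons ("Logon" is the English subcategory name).
auditpol /set /subcategory:"Logon" /success:enable /failure:enable | Out-Null

# Account lockout policy that slows password guessing.
net accounts /lockoutthreshold:5 /lockoutduration:30 /lockoutwindow:30 | Out-Null

function Get-FailedLogonSummary {
    param([int]$Hours = 24, [int]$Threshold = 10)

    # Event ID 4625 = "An account failed to log on" in the Security log.
    $filter = @{ LogName = 'Security'; Id = 4625; StartTime = (Get-Date).AddHours(-$Hours) }
    $rows = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        ForEach-Object {
            # Read the named EventData fields instead of relying on field positions.
            $data = @{}
            foreach ($d in ([xml]$_.ToXml()).Event.EventData.Data) { $data[$d.Name] = $d.'#text' }
            $ip = $data['IpAddress']
            # Console logons carry "-" or nothing as the source address.
            if ([string]::IsNullOrEmpty($ip) -or $ip -eq '-') { $ip = 'local' }
            [pscustomobject]@{ Time = $_.TimeCreated; Account = $data['TargetUserName']; SourceIp = $ip }
        })

    # One row per source address: volume, spread across accounts, and time span.
    $rows | Group-Object SourceIp | ForEach-Object {
        $times = $_.Group | Sort-Object Time
        [pscustomobject]@{
            SourceIp   = $_.Name
            Failures   = $_.Count
            Accounts   = @($_.Group.Account | Sort-Object -Unique).Count
            FirstSeen  = ($times | Select-Object -First 1).Time
            LastSeen   = ($times | Select-Object -Last 1).Time
            Suspicious = ($_.Count -ge $Threshold)
        }
    } | Sort-Object Failures -Descending
}

Get-FailedLogonSummary | Format-Table -AutoSize
```

Rows marked Suspicious are the candidates for a firewall block; a source that fails against many different accounts deserves attention even below the threshold.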
Secondly, the antivirus software installed by the team effectively quarantined several malware files, an event that calls for continuous system vigilance. The team made sure the antivirus software was up to date with the latest virus definitions and conducted a comprehensive evaluation of the malware to understand its possible attack vectors. Effective and timely analysis of the malware revealed the virus patterns, and the updated antivirus system could detect the virus and stop it from affecting the system (Kenfack et al., 2023). Effective network processes and continuous system scans give the system an effective way to eliminate malware and keep its security current as new viruses develop. The computer users received security training on updating the antivirus software to drastically reduce future virus infections in computer systems.
Importance of System Hardening and Auditing
The primary goals of system hardening and auditing are twofold. Firstly, hardening focuses on reducing the system’s vulnerability to potential attacks by viruses, which can give an unauthorized person access to an organization's information. Besides, configuring the baseline security controls and enforcing strong password policies minimizes the system's exposure to potential attacks (Kenfack et al., 2023). Furthermore, updating antivirus software protects the entire organization’s information technology infrastructure from infiltration by unwanted software and from the unwanted access that computer viruses make possible.
Secondly, system auditing plays a pivotal role in identifying, monitoring and mitigating security threats in real time. Timely detection of security threats in an organization’s information technology systems allows for an immediate response, limiting the impact of the threat on the system. An effective auditing approach proactively prevents cyber security threats to the system (Kenfack et al., 2023). The auditing process also supports the organization in complying with the relevant standards and regulations for protecting the system against cyberattacks.
Emerging Trends on Ransomware Attacks
The rise of ransomware attacks targeting many organizations is the emerging trend in the information and technology industry that caught the attention of the Fullsoft organization. Ransomware is a significant threat to data availability and integrity in the system. To address this threat, Fullsoft needs to implement effective backup strategies and conduct regular security training so that the organisation’s staff understand the possibility of losing data, with emphasis on continuous backup of the system data (Babatunde et al., 2022). Besides, the information and technology department in the organization needs to continuously update antivirus systems and improve security measures to protect the organization from ever-evolving ransomware variants.
Conclusion
The Fullsoft project on detective system auditing, hardening and timely response to security threats demonstrated the organization's robust approach and its commitment to maintaining a secure information system environment. The baseline security control configuration process supports prompt response to potential threats and monitors security events, strengthening the organization's defence against cybersecurity risks. Therefore, the team effectively and efficiently protects the organization’s data from potential cybersecurity attacks.
References
Babatunde, S. H., Olanrewaju, A. N., Andrew, Z. A. M. A. N. I., Bashir, A. M. I. N. U., Yusuf, I. A., & Mohammed, A. A. (2022). Megacity crime management strategies on human security: Evidence of target hardening and developmental prevention in Lagos state, Nigeria. World Journal of Advanced Research and Reviews, 16(1), 717-726.
Kenfack, P. D. B., Abana, A. B., Tonye, E., & Leka, G. E. N. (2023). Strengthening the Security of Supervised Networks by Automating Hardening Mechanisms. Journal of Computer and Communications, 11(5), 108-136.
Pattanayak, A., Steiner, S., & de Leon, D. C. (2022, March). Hands-on educational labs for cyber defence competition training. In Journal of The Colloquium for Information Systems Security Education (Vol. 9, No. 1, pp. 8–8).
Sethi, I. P. S., Sinha, S. K., Chauhan, N., & Khanduja, D. (2022). Secure Web Application: Rudimentary perspective. Journal of Engineering Education Transformations, 36.