Instructions
Submit a thread of at least 300 words that completely answers the questions. In addition to the thread, you must also reply to at least 2 other threads. Each reply must be at least 100 words. Must use complete paragraphs, proper APA formatting, and cite information that is not his/her own.
Thread
The United States Government Configuration Baseline (USGCB) evolved from the Federal Desktop Core Configuration mandate and is a government-wide initiative to maintain and properly update security settings (http://usgcb.nist.gov). Research and summarize at least 2 recent security patches that relate to your current operating system. In a separate paragraph, do you feel these security patches help secure your computer? Why? Defend your response.
Replies
Reply to each thread. 100 words minimum each response.
Reply #1
“May there be peace within your walls and security within your citadels!”(Psalm 122:7, NIV), God is our source of security, he has a plan of attack, as well as watching over us to make sure nothing happens that where we cant come back from. “The purpose of the United States Government Configuration Baseline (USGCB) initiative is to create security configuration baselines for Information Technology products widely deployed across the federal agencies”(COMPUTER SECURITY RESOURCE CENTER, & NIST, 2018). By implementing this tool, it has improved security configuration, as well as strength security baselines as a whole. As good as these baselines are, patches are extremely necessary to maintain the level of security needed with the ever advancing technology. Windows, my current operating system recently came out with new patches updating several features in their security sections. two of which being Windows Defender ATP and BitLocker. Windows Defender ATP, or advanced threat protection was enhanced with threat analytics as well as custom detection. Threat analytics send reports of possible threats which then is sent to a team to determine the actions that need to be taken. Custom detection, in which you can create a query you specifically want to monitor in order to take necessary steps to improve prevention of attacks. Next BitLocker, this is a program that can be used to encrypt your device in hopes to prevent potential future attacks.
With these security patches recently added by windows, I feel as though more steps have been taken to increase and improve the security on our operating systems. It guarantees that improvements are being made, and that these security professionals are always at work to better their systems. With constant updates, windows operating system user can be assured that their devices have systems that are up to date and ready to defend possible threats.
“You will be secure, because there is hope; you will look about you and take your rest in safety”(Job 11:18, NIV)
Reply #2
The United States Government Baseline was developed to supply federal agencies with direction in the best ways to configure information security. As stated by Rouse, the goal of USGCB is to standardize the configuration setting in IT, lower costs, improve effectiveness and strengthen system procedures to find existing security threats and those that have not been discovered yet. There are several different MacOS High Sierra 10.13.6 security updates that have happened recently. The first one I want to talk about is ATS. The description says it addressed a corruption issue with improved input validation. The impact before the security update was “A malicious application may be able to elevate privileges” (Apple Support). The second one is EFI. The description says an issue with configuration was addressed and improvement was made with memory handling. The impact before the security update was “an application may be able to execute arbitrary code with system privileges” (Apple Support).
Both of these security patches have definitely helped secure my operating system. The ATS security update helped secure my operating system because if I were to click on an application or email and download a link that I did not know was malicious, without this patch the application would be able to hijack my system unknowing effectively locking me out of my computer and potentially holding it for ransom. With this patch it prevents this scenario. With EFI, this patch would also very much help me. In the event an application obtained system privileges through arbitrary code it could change my passwords and lock me out. With the EFI patch this will now be prevented. Proverbs 24:3-4 tells us, “By wisdom a house is built, and through understanding it is established” (NIV). We have to look at our operating systems as a house. We must make sure we are consistently updating our operating systems to keep out intruders and understand what we need to do to make this happen.
Apple Support. Retrieved March 5, 2019 from: https://support.apple.com/en-us/HT209193
Rouse, Margaret. USGCB (United States Government Configuration Baseline): TechTarget.