Chapter 4

Host Security

The Following CompTIA CASP Exam Objectives Are Covered in This Chapter:

• 1.5 Distinguish among security controls for hosts
  • Host-based firewalls
  • Trusted OS (e.g., how and when to use it)
  • End point security software
  • Anti-malware
  • Antivirus
  • Anti-spyware
  • Spam filters
  • Host hardening
  • Standard operating environment
  • Security/group policy implementation
  • Command shell restrictions
  • Warning banners
  • Restricted interfaces
  • Asset management (inventory control)
  • Data exfiltration
  • HIPS/HIDS
  • NIPS/NIDS

This chapter discusses host security. Host security is a critical component to defense in depth. Years ago, perimeter security and simply having antivirus on a computer may have been enough. This is not true anymore. Today, every time a user turns on a computer, clicks a link, or opens an email, there is the potential that an attack could occur. This is why host-based solutions such as anti-malware, antivirus, and anti-spyware are so important to the defense-in-depth strategy. While these items are part of the solution, good logical security is just like good physical security and requires host hardening. Logical security doesn’t require you to build a ten-foot concrete wall around your computer, but it does require you to harden the host ....