Hardening components of a Platform with the intention of making them more difficult to exploit.
Platforms includes components such as:
- BIOS UEFI Subsystems
- Hardware security devices such as Trusted Platform Modules
- Boot process logic or code
- Kernel software components
There are 10 techniques in this category, Platform Hardening.
|Hardening components of a Platform with the intention of making them more difficult to exploit. Platforms includes components such as: * BIOS UEFI Subsystems * Hardware security devices such as Trusted Platform Modules * Boot process logic or code * Kernel software components
|Endpoint Hardening , and System Hardening
|- RF Shielding
|Adding physical barriers to a platform to prevent undesired radio interference.
|- Software Update
|Replacing old software on a computer system component.
|- System Configuration Permissions
|Restricting system configuration modifications to a specific user or group of users.
|- TPM Boot Integrity
|Assuring the integrity of a platform by demonstrating that the boot process starts from a trusted combination of hardware and software and continues until the operating system has fully booted and applications are running. Sometimes called Static Root of Trust Measurement (STRM).
|Static Root of Trust Measurement , and STRM
|- Bootloader Authentication
|Cryptographically authenticating the bootloader software before system boot.
|- Disk Encryption
|Encrypting a hard disk partition to prevent cleartext access to a file system.
|- Driver Load Integrity Checking
|Ensuring the integrity of drivers loaded during initialization of the operating system.
|- File Encryption
|Encrypting a file using a cryptographic key.
|- Local File Permissions
|Restricting access to a local file by configuring operating system functionality.
A knowledge graph of cybersecurity countermeasures