Prevention and Hardening

No single control stops ransomware. Prevention layers independent barriers so that bypassing one still leaves others standing. The goal is to make intrusion harder, spread slower, and recovery guaranteed.

This lesson covers the highest-impact controls: backups, segmentation, least privilege, MFA, patching, and attack-surface reduction.

Backups are the ultimate insurance against encryption. A robust strategy follows 3-2-1-1-0:

• 3 copies of data
• 2 different media types
• 1 copy offsite
• 1 copy offline or immutable
• 0 errors verified by regular restore tests

The immutable and offline copy is what survives an attacker with domain admin who hunts your backups.