Design Review activity focus on identification of threat in the initial phase of application/Network design. This phase involves discussion with architects on the finalized design to identify security gaps.
Process of securing a system by reducing its surface of vulnerability. Review of devices and servers configuration based on globally accepted framework/guideline. Reducing available ways of attack typically includes changing default passwords, the removal of unnecessary software, unnecessary usernames or logins, and the disabling or removal of unnecessary services.