The secure your wordpress site Codex has an outline of what permissions are acceptable. File and directory permissions can be changed via an FTP client or within the administrative page from the hosting company.
Truth is, there is really no way, if your own website is targeted by a master of the script. Everything you are about to read below are some actions you can take to quickly minimize the risk. Odds are a hacker would prefer choosing easier victim, another if your find out WordPress site is protected.
Keep your WordPress Setup to date - One of the simplest and most valuable tasks you can do yourself is to make sure your WordPress installation is updated. WordPress gives a notice on your dashboard to you, so there's really no reason not to do this.
Now we are getting into things specific to WordPress. Whenever you install WordPress, you have to edit the document config-sample.php and rename it to config.php. You want to set up the database information there.
Do your homework and some searching, but if you're pressed for time and need to get this done once and for all, try out the WordPress safety plugin that I use. It is a relief to know that my site (and business!) are secure.