Perform Security Assessment Using MBSA

Practice Labs Module
Time
1 hour 2 minutes
Difficulty
Intermediate

Welcome to the Perform Security Assessment Using MBSA Practice Lab. In this module you will be provided with the instructions and devices needed to develop your hands-on skills.

Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Sign up with Google
Sign up with Apple
Sign up with Microsoft
View all SSO options

Already have an account? Sign In »

Overview

Introduction

Welcome to the Perform Security Assessment Using MBSA Practice Lab. In this module you will be provided with the instructions and devices needed to develop your hands-on skills.

Learning Outcomes

In this module, you will complete the following exercises:

  • Introduction to Microsoft Baseline Security Analyzer
  • Implementing Recommendations
  • Saving Microsoft Baseline Security Analyzer Reports
  • Reviewing Configuration Changes

After completing this lab, you will be able to:

  • Set up MBSA Configuration
  • Scan an IP range
  • Review the results of the scan
  • Clear password settings
  • Save a report
  • Activate the scanner

Exam Objectives

The following exam objectives are covered in this lab:

  • CAS-003 3.2 Analyze a scenario or output and select the appropriate tool for a security assessment.

Lab Duration

It will take approximately 1 hour to complete this lab.

Exercise 1 - Introduction to Microsoft Baseline Security Analyzer

Microsoft Baseline Security Analyzer (MBSA) checks for available updates for:

  • The operating system
  • Microsoft Data Access Components (MDAC)
  • MSXML (Microsoft XML Parser)
  • .NET Framework
  • SQL Server

MBSA also scans a computer for insecure configuration settings. When MBSA checks for Windows service packs and patches, it includes in its scan Windows components, such as Internet Information Services (IIS) and COM+.

Learning Outcomes

After completing this exercise, you will be able to:

  • Set up MBSA Configuration
  • Scan an IP range
  • Review the results of the scan

Exercise 2 - Implementing Recommendations

Once a result has been confirmed, you must action changes against the configuration recommendations or at least have valid arguments for maintaining the device specifications. Here you will reset the password controls to keep them in line with best practice.

Learning Outcomes

After completing this exercise, you will be able to:

  • Clear password settings

Exercise 3 - Saving Microsoft Baseline Security Analyzer Reports

Reports are a key feature of the audit trail; here you are auditing the configuration a server device and logging the information for the situation in the future where accountability is a necessity for tracking changes to the network topology.

Learning Outcomes

After completing this exercise, you will be able to:

  • Save a report

Exercise 4 - Reviewing Configuration Changes

Once changes have been made to the device, these need to be checked by MBSA to see that they pass the configuration requirements. Therefore, you will move through these steps more briskly to complete this requirement.

Learning Outcomes

After completing this exercise, you will be able to:

  • Activate the scanner
Learning Partner
Practice Labs

IT & Cybersecurity certification hands on practice labs and practice exams for certifications and skill development.

Comprehensive Learning

See the full benefits of our immersive learning experience with interactive courses and guided career paths.

Courses