Overview

Introduction

Welcome to the Perform Security Assessment Using MBSA Practice Lab. In this module you will be provided with the instructions and devices needed to develop your hands-on skills.

Learning Outcomes

In this module, you will complete the following exercises:

  • Introduction to Microsoft Baseline Security Analyzer
  • Implementing Recommendations
  • Saving Microsoft Baseline Security Analyzer Reports
  • Reviewing Configuration Changes

After completing this lab, you will be able to:

  • Set up MBSA Configuration
  • Scan an IP range
  • Review the results of the scan
  • Clear password settings
  • Save a report
  • Activate the scanner

Exam Objectives

The following exam objectives are covered in this lab:

  • CAS-003 3.2 Analyze a scenario or output and select the appropriate tool for a security assessment.

Lab Duration

It will take approximately 1 hour to complete this lab.

Exercise 1 - Introduction to Microsoft Baseline Security Analyzer

Microsoft Baseline Security Analyzer (MBSA) checks for available updates for:

  • The operating system
  • Microsoft Data Access Components (MDAC)
  • MSXML (Microsoft XML Parser)
  • .NET Framework
  • SQL Server

MBSA also scans a computer for insecure configuration settings. When MBSA checks for Windows service packs and patches, it includes in its scan Windows components, such as Internet Information Services (IIS) and COM+.

Learning Outcomes

After completing this exercise, you will be able to:

  • Set up MBSA Configuration
  • Scan an IP range
  • Review the results of the scan

Exercise 2 - Implementing Recommendations

Once a result has been confirmed, you must action changes against the configuration recommendations or at least have valid arguments for maintaining the device specifications. Here you will reset the password controls to keep them in line with best practice.

Learning Outcomes

After completing this exercise, you will be able to:

  • Clear password settings

Exercise 3 - Saving Microsoft Baseline Security Analyzer Reports

Reports are a key feature of the audit trail; here you are auditing the configuration a server device and logging the information for the situation in the future where accountability is a necessity for tracking changes to the network topology.

Learning Outcomes

After completing this exercise, you will be able to:

  • Save a report

Exercise 4 - Reviewing Configuration Changes

Once changes have been made to the device, these need to be checked by MBSA to see that they pass the configuration requirements. Therefore, you will move through these steps more briskly to complete this requirement.

Learning Outcomes

After completing this exercise, you will be able to:

  • Activate the scanner

Comprehensive Learning

See the full benefits of our immersive learning experience with interactive courses and guided career paths.