Overview

Introduction

The Vulnerability Scanner MBSA module provides you with the instructions and devices to develop your hands-on skills in the following topics.

  • Introduction to Microsoft Security Baseline Analyzer
  • Implementing Recommendations
  • Saving Microsoft Security Baseline Analyzer Reports
  • Reviewing Configuration Changes

Lab time: It will take approximately 30 minutes to complete this lab.

Exam Objectives

The following exam objectives are covered in this lab:

  • CS0-001 2.1 Given a scenario, implement an information security vulnerability management process
  • CS0-001 2.2 Given a scenario, analyze the output resulting from a vulnerability scan
  • CS0-001 2.3 Compare and contrast common vulnerabilities found in the following targets within an organization

Exercise 1 - Introduction to Microsoft Baseline Security Analyser

Microsoft Baseline Security Analyzer (MBSA) checks for available updates to the operating system, Microsoft Data Access Components (MDAC), MSXML (Microsoft XML Parser), .NET Framework, and SQL Server. MBSA also scans a computer for insecure configuration settings. When MBSA checks for Windows service packs and patches, it includes in its scan Windows components, such as Internet Information Services (IIS) and COM+.

In this exercise you will complete the following tasks:

  • Configuration
  • Scanning
  • Results

Exercise 2 - Implementing Recommendations

Once a result has been confirmed, we must action changes against the configuration recommendations or at least have valid arguments for maintaining the device specifications. Here we will reset the password controls to keep them in line with best practice.

In this exercise you will complete the following tasks:

  • Clearing password settings

Exercise 3 - Saving Microsoft Security Baseline Analyzer Reports

Reports are a key feature of the audit trail; here we are auditing the configuration a server device and logging the information for the situation in the future where accountability is a necessity for tracking changes to the network topology.

In this exercise you will complete the following tasks:

  • Saving the report

Exercise 4 - Reviewing Configuration Changes

Once changes have been made to the device, these need to be checked by MBSA to see that they pass the configuration requirements. Therefore, we will move through these steps more briskly to complete this requirement.

In this exercise you will complete the following tasks:

  • Activate the scanner