Lab #4 – Assessment Worksheet
Using Group Policy Objects and Microsoft Baseline Security Analyzer
(MBSA) for Change Control
Course Name and Number: _____________________________________________________
Student Name: ________________________________________________________________
Instructor Name: ______________________________________________________________
11/26/2014
Lab Due Date: ________________________________________________________________
Overview
There are many tools and suites designed to aid the security practitioner and the organization in implementing and managing change management. In this lab, you explored two such tools for the Windows platform: Group Policy Objects (built into the Windows operating systems) and the
Microsoft Security Baseline Analyzer (provided free of charge). You used Group Policy Objects to strengthen the organization’s password policy by adding complexity and minimum password length requirements. You scanned the Windows server with the Microsoft Baseline Security
Analyzer (MBSA) to assess its security state, and you examined the results of the Microsoft
Baseline Security Analyzer in detail.
Lab Assessment Questions & Answers
1. Define why change control management is relevant to security operations in an organization. Keeping up with technology advances, newly discovered vulnerabilities, and system updates are done through change control management.
2. Name six (6) policies you could enable in a Windows Domain.
Enforce password history, Maximum Password Age, Minimum Password Age, Minimum Password Length,
Store Password using reversible encryption and Password must meet complexity requirements.
3. What is the minimum password length enforced by the Password must meet complexity requirements policy?
Six
4. What sources could you use as a source to perform the MBSA security state?
Computer by Name or IP and multiple Computers by Domain or IP Range
5. What are some of the options that you can exercise when initiating the MBSA scan?
You can check for Windows administrative vulnerabilities and for security updates
© Jones & Bartlett Learning, LLC. NOT FOR SALE OR DISTRIBUTION
2
You can check for Windows administrative vulnerabilities and for security updates