Preview

NT2580 Lab 4: Using Group Policy Objects and MBSA for Change Control

Satisfactory Essays
Open Document
Open Document
282 Words
Grammar
Grammar
Plagiarism
Plagiarism
Writing
Writing
Score
Score
NT2580 Lab 4: Using Group Policy Objects and MBSA for Change Control
Lab 4 It255

1. Define why change control management is relevant to security operations in an organization?

Change control is a systematic way to approaching change. Within an organization, it can prevent the possibility of services becoming interrupted and if so, provide a plan to bring them back up as soon as possible.

2. What type of access control system uses security labels?

Label-base access control (LBAC)

3. Describe two options you would enable in a Window’s Domain password policy?

Minimum password length and password complexity requirements

4. Where would patch management and software updates fall under in security operations and management?

Monitoring, Tracking, Testing

5. Is there a setting in your GPO to specify how many login attempts will lockout an account? Name 2 parameters that you can set to enhance the access control to the system.

Account lockout duration and threshold

6. What are some Password Policy parameter options you can define for GPOs that can enhance the C-I-A for system access?

Minimum password length, maximum password age, password must meet complexity requirements, and store passwords using reversible encryption

7. What sources you use as a source to perform the MBSA security state?

Computer by Name or IP and multiple Computers by Domain or IP Range

8. What does WSUS stand for, and what does it do?

Windows Server Update Service and it downloads Microsoft updates to a single server and deploys them

9. What is the difference between MBSA and Microsoft Update?

MBSA scans for security vulnerabilities while Microsoft update checks the Microsoft database for available updates. They are two totally different tools.

10. What are some of the options that you can exercise when using the MBSA tool?

You can check for Windows administrative vulnerabilities and for security updates

You May Also Find These Documents Helpful

  • Satisfactory Essays

    1.) Change control manager enforces change of things passwords. Password change policies makes things difficult for hackers. It’s Brute force attack.…

    • 84 Words
    • 1 Page
    Satisfactory Essays
  • Satisfactory Essays

    | * OS Update appliance * Patch/Configuration appliance * Embedded biometrics * Remote policy management * Endpoint Encryption * Secure browser * Secure Email * Incremental backup…

    • 409 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Finally, the system/application domain would require virtual testing of everything before any implementation, hardening of all servers, and keeping up with patches and updates regularly after testing has been completed. Some of the more efficient ways to implement better access controls in a company would start with the proper level of authorization policies including physical controls for facilities. The authorization policy would appropriate entry system access controls that specify what areas are to be locked at all times and what type of locking mechanism should be implemented. It would also include the implementation of secondary locks on specific equipment and storage cabinets…

    • 439 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    It244 R Appendix E

    • 650 Words
    • 3 Pages

    Describe the policies for securing the facilities and the policies of securing the information systems. Outline the controls needed for each category as relates to your selected scenario.…

    • 650 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    When developing a multi-layered security plan, you must look at each of the seven domains of the IT infrastructure and increase security on each of those domains. Increasing the security on each of those seven domains will increase the overall security of the system and create a multi-layered security plan.…

    • 512 Words
    • 3 Pages
    Satisfactory Essays
  • Powerful Essays

    IS3340-Unit 2-Assignment 2

    • 1549 Words
    • 6 Pages

    iii. All EPHI must be removed and relocated to a system that supports the foregoing security password structure.…

    • 1549 Words
    • 6 Pages
    Powerful Essays
  • Satisfactory Essays

    NT2580

    • 331 Words
    • 2 Pages

    Given a list of policy violations and security breaches, select three breaches, and consider the best options for controlling and monitoring each incident. Identify the methods to mitigate risk and minimize exposure to threats or vulnerabilities.…

    • 331 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Microsoft updates scans a single computer at a time for missing updates using the Microsoft database (requiring internet connection), whereas MBSA scans multiple computers at a time (with or without internet access) not only for missing updates, but vulnerabilities as well.…

    • 952 Words
    • 4 Pages
    Satisfactory Essays
  • Satisfactory Essays

    FunSec2 SLM Lab04 Final

    • 295 Words
    • 2 Pages

    There are many tools and suites designed to aid the security practitioner and the organization in…

    • 295 Words
    • 2 Pages
    Satisfactory Essays
  • Satisfactory Essays

    Authentication: The key badge given to each employee will be used to allow access and authenticate that employee. An initial temporary password will be applied to each employee logon information and require the employee to change the password on first login. The policy will be set up to ensure that the employees create strong passwords and are required to change their passwords every 60 to 90 days. Employees at higher levels who have access to sensitive information may also be required to use two-factor authentication such as fingerprint biometric access to get into rooms and buildings and/or simply login to their computer system. PIN numbers will be used to access server rooms. Token will be issued to provide access remotely to allow for secure logins.…

    • 328 Words
    • 2 Pages
    Satisfactory Essays
  • Good Essays

    lab 4

    • 503 Words
    • 2 Pages

    Of these three fundamental controls, which two are used by the Domain User Admin to create users and assign rights to resources?…

    • 503 Words
    • 2 Pages
    Good Essays
  • Powerful Essays

    The specific purpose of this paper is to describe the authentication process and to describe how this and other information security considerations will affect the design and development process for new information systems.…

    • 1478 Words
    • 5 Pages
    Powerful Essays
  • Good Essays

    LAB 3

    • 368 Words
    • 2 Pages

    1. What are the three fundamental elements of an effective access control solution for information systems?…

    • 368 Words
    • 2 Pages
    Good Essays
  • Good Essays

    Lab8 1 Some Common Risks

    • 505 Words
    • 3 Pages

    Using multi-factor authentication is a recommended best practice when implementing a Remote Access Policy server user authentication service (Scarfone, Hoffman, & Souppaya, 2009).…

    • 505 Words
    • 3 Pages
    Good Essays
  • Satisfactory Essays

    Linux Security Lab 2

    • 304 Words
    • 2 Pages

    8. What is the PASS_MAX_DAYS setting? Why is it good to set this? Max days to change your password. This is a great idea to force people to change passwords and if they don’t then the account goes bye bye.…

    • 304 Words
    • 2 Pages
    Satisfactory Essays