Summary
Security scanners and profilers, such as Microsoft’s Baseline Security Analyzer (MBSA), play a crucial role in maintaining the security and currency of a Windows infrastructure.
Lab Assessment Questions & Answers
The significance of running the Microsoft Baseline Security Analyzer (MBSA) is to ensure the safety and current status of your system.
An MBSA analysis serves the purpose of identifying less secure system configurations and detecting missing security updates.
3. The execution of MBSA can be done either through the Windows Start menu or by using the command line.
4. Is internet access necessary for a scan to be successful? The MBSA can conduct the scan and notify you of vulnerabilities, even without an internet connection. However, if the system is connected to the internet, it will not be able to fetch the latest software updates.
5. The scan results are accessible in both XML and .txt formats.
6. Is it possible to scan one computer at a time or perform multiple scans simultaneously? The capability for performing multiple scans at once is available.
7. Is it required to conduct a complete system scan each time and which part of the scan takes the longest? The full system scan is a lengthy process and should be done at least once per week.
8. The locally saved scans are stored in the %userprofile%’SecurityScans folder on the computer where the tool is installed.
Can specific security patches be excluded from scanning?
Yes, it is possible to configure MBSA to exclude certain security patches.
The key suggestions for securing a Windows system include regularly running MBSA for comprehensive system scans, installing anti-virus and anti-malware software on all systems, enforcing password complexity and longevity requirements, and providing users with security awareness training.
