There are many tools and suites designed to aid the security practitioner and the organization in implementing and managing change management. In this lab, you explored two such tools for the Windows platform: Group Policy Objects (built into the Windows operating systems) and the Microsoft Security Baseline Analyzer (provided free of charge). You used Group Policy Objects to strengthen the organization’s password policy by adding complexity and minimum password length requirements. You scanned the Windows server with the Microsoft Baseline Security Analyzer (MBSA) to assess its security state, and you examined the results of the Microsoft Baseline Security Analyzer in detail.
Lab Assessment Questions & Answers
1. Define why change control management is relevant to security operations in an organization.
Keeping up with technology advances, newly discovered vulnerabilities, and system updates are done through change control management.
2. Name six (6) policies you could enable in a Windows Domain. Enforce password history, Maximum Password Age, Minimum Password Age, Minimum Password Length, Store Password using reversible encryption and Password must meet complexity requirements.
3. What is the minimum password length enforced by the Password must meet complexity requirements policy?
4. What sources could you use as a source to perform the MBSA security state? Computer by Name or IP and multiple Computers by Domain or IP Range
5. What are some of the options that you can exercise when initiating the MBSA scan? You can check for Windows administrative vulnerabilities and for security updates