The implementation of security scanners and profilers such as Microsoft’s Baseline Security Analyzer (MBSA) are an important component of maintaining an up-to-date and secure Windows infrastructure.
Lab Assessment Questions & Answers
1.Why is it important to run the MBSA?
It’s important to run the MBSA because it keeps your system safe and up-to-date.
2.What does an MBSA analysis look for?
It’s important to run the MBSA because it scans for missing security updates and less secure system configurations.
3.How can MBSA be executed?
MBSA can be executed through the Windows Start menu or through the command line.
4.Does the system that is being scanned need to have access to the internet for the scan to be successful? The MBSA will still scan the system and notify you of vulnerabilities but if it’s connect to the internet then it won’t be able to download the latest software updates.
5.In what formats can the scan results be viewed?
Formats can be viewed in XML and .txt.
6.Could you scan one computer at a time or could you perform multiple scans at a time? You can perform multiple scans at once.
7.What portion of the scan takes longer? Is it necessary to perform this scan every time? The full system scan takes longer. It’s not necessary to perform the scan every time you scan but the full scan should be completed at least once a week.
8.Are the scans saved locally, and if so where?
Scan reports are stored on the computer where the tool is installed in the %userprofile%’SecurityScans folder.
9.Could you exclude patches to be scanned for?
Yes, you can configure MBSA to exclude specific security patches.
10.Which are some of the major recommendations that you would provide to secure any Windows system? I would recommend that MBSA be ran on a regular basis to include full system scans. Anti-virus and anti-malware programs should be installed on systems as well. Implement password complexity and longevity requirements as well as require security awareness training for users.