Professional Documents
Culture Documents
'nformation Assurance 6 2
:eleased1 ;!4;
age ,.,.4!,
#sin$ t"e MSBSA ,. )aunch the MS+SA. Select the .Scan a computer/ link. 2. 0our screen will look like the one shown below. 0our computer name will be in the dialog bo& by default. 0ou can also scan by its ' address. )ook at the option check bo&es shown below. +y default, they are all checked. -he Windows vulnerabilities option will check items such as guest account 7enabled or disabled9, check the local password and see if Automatic updates are being done. -he security updates option will not only check for operating system security issues, but also application security issues such as Media layer and Office security issues. Make sure that all the Option bo&es are checked before you begin the scan.
<. %lick on
3. When the scan is complete, a Security :eport will appear. With the sort"order set to .worst first,/ what were the two biggest!worst security risks present on your %= ,. 2.
'nformation Assurance 6 2
:eleased1 ;!4;
age ,.,.4!2
;. %lick on the .What was scanned/ for the >, item in the report for some details about this issue!risk. ?. %lick on the .:esult details/ link for the >, item for information about versions of software that are not up"to"date and!or patches that need to be installed. :eferences to the original Microsoft Security bulletin7s9 and links to the Microsoft web site will give even more details. @. %lick on the .Aow to correct this/ link for the >, item to get step"by"step instructions on how to correct the problem. rint this document and keep it for future reference. B. :un a scan on another % in the classroom. #id you get the same results or different ones=
Analysis ,. What operating system7s9 would you view as most vulnerable to e&ploitation=
2. +ased on the MS+SA scan, what application software items listed on your computer would you view as most vulnerable to e&ploitation=
<. +ased on the information gathered, what items would you correct first=
3. After working with this utility, do you see any potential items that it missed= 'f yes, what are they=
A%%en&i': -his lab was developed using MS +aseline Security Analyzer version 2, which can be obtained from http1!!www.microsoft.com or http1!!www.download.com
'nformation Assurance 6 2
:eleased1 ;!4;
age ,.,.4!<
'nformation Assurance 6 2
:eleased1 ;!4;
age ,.,.4!3