The Microsoft Baseline Analyzer Essay

1175 words - 5 pages

The Microsoft Baseline Security Analyzer (MBSA) is Microsoft’s user-friendly software vulnerability assessment tool intended for IT security professionals from small to medium-sized organizations used to scan one or more computers, and provide a detailed security assessment report with specific recommendations and guidance on correcting any found deficiencies (Vacca 2013). The MBSA used for this assignment was the MBSA version 2.3, which performed scans for missing patches, missing/weak passwords, and assess the holistic security status to determine any associated potential risks to the computer. MBSA utilized the Microsoft update catalog and determined which security updates required updating, provided a report on specific system information, and performed Windows Security and Desktop Application Scans to report any further administrative vulnerabilities.
The resulting security assessment report indicated that the scanned computer was at potential risk due to the failure of one or more non-critical checks. The results proved surprising as the scanned computer was purchased a little over a month ago. The failures in the report included, a) a missing a service pack (Windows Malicious Software Removal Tool released March 2014) and b) non-expiring and weak passwords for the user accounts. Fortunately, the MBSA found no other issues with the scanned computer’s firewall or desktop applications. These results were informative and provided guidance on how to better improve the scanned computer’s security measures. Using the recommendations for a solution to mitigate the potential risks, I installed the Malware Removal Tool software, created new more complicated passwords, and adjusted the user setting by removing the “password never expires” setting.
The MBSA actively scans and analyzes the computer system to determine if the Windows user, guest, and administrator accounts have weak or missing passwords. The SANS institute defines a weak password as a common usage word (available in English and foreign dictionaries) having less than 15 characters which uses no combination of numbers or special characters (SANS pdf http://www.sans.org/security-resources/policies/Password_Policy.pdf). The Defense in Depth Strategy for Information Assurance, originally developed by the National Security Agency modeled after military doctrine, uses multiple security mechanisms and controls arrayed in several layers throughout an IT system in order to protect valuable assets as shown in Figure 1. The layers act as redundant control measures to ensure that if one of the outer defense layers fail then one of the inner layers will prevent intrusion and protect the system. These security layers and controls should include policies, physical controls, authentication controls, and access controls.
Strong passwords are one of the first layers of in this strategy paradigm. In a corporate environment, where the value of protected systems and data is high, strong...

Find Another Essay On The Microsoft Baseline Analyzer

Resources for Differentiated Instruction Essay

771 words - 4 pages reading tasks based upon software that determines student-reading abilities. This free website, Get a Lexile Text Measure, at http://www.lexile.com/analyzer/ measures the text readability for the reading assignments in your curriculum. I like this site because you can measure different types of text and match them for each student. The site is free to join (with registration) and free upgrades for educators. As our District prepares for the

High Prevalence of Hepatotoxicity on HIV Patients under TDF First Base Line Therapy

1669 words - 7 pages hepatotoxicity is found to be higher baseline transaminase level, hepatitis B or C co-infections, NVP, EFV based regimen, alcohol abuse, higher dose of ritonavir and female sex. The major mechanism of hepatotoxicity is found to be direct toxicity which may be due to the idiosyncratic polymorphisms present in the drug metabolizing enzymes in the liver such as cytochrome complexes and transporter genes leading to activation of apoptotic pathway [24

Securing networks

2340 words - 9 pages an excellent link to various types of network scenarios at this link provided by Microsoft. Microsoft have themselves published a lot of excellent information on ways to harden your network. Unlike much of the rhetoric you may hear about Microsoft's security you would be well advised to peruse their security section. There are many, many excellent pieces of information there to be had. Why go for a third party software solution if Microsoft

Exercise Physiology

4573 words - 18 pages student and were recorded by the computer. The student then had a head piece placed on them. It allowed Dr. Baur to position the mouthpiece perfectly at mouth level allowing the students to bite down on it with relative ease. A nose plug was placed on the student to ensure that all air inhaled and exhaled would be measured by the flow analyzer. After all this was done, the test began. The students baseline vitals were collected at a walking rate

Introduction to Typography

4032 words - 16 pages . This distance is measured in points and is measured from the baseline of one line to the baseline of the line above it. Typography in Society The Ten Most Popular Fonts The font that we choose to use on any design project plays a critical part in portraying the message of our design. This is why it is critical that we select a design that reinforces the context of our design brief. Most of the fonts that are more popular in design are

History of computers

1733 words - 7 pages IBM.Just prior to the introduction of Hollerith's machine the first printing calculator is introduced. In 1892 William Burroughs, a sickly ex-teller, introduces a commercially successful printing calculator. Although hand-powered, Burroughs quickly introduces an electronic model.In 1925, unaware of the work of Charles Babbage, Vannevar Bush of MIT builds a machine he calls the differential analyzer. Using a set of gears and shafts, much like Babbage

Operating Systems Comparison Analysis

6485 words - 26 pages was decided to select operating systems available to the analysis team. Given that as a primary consideration, the team selected Microsoft Windows XP and the Ubuntu desktop Linux distribution for comparison. As a scenario driver the team opted for a company with 100 computers as a baseline for generating costs analysis.Cost AnalysisProviding an accurate cost comparison between the two OSs does not seem fair since the Ubuntu OS is an Open Source

Final Project: Executive Summary for Network Design Project

6239 words - 25 pages offers the desired bandwidths to meet the network requirements.Network Remote Access"Remote access is a set of technologies that transparently connects a computer, typically located in an off-site or remote location, to a network" (Microsoft, 2002, ¶ 2). Simply put, remote access refers to methods used to connect one device to another that are usually on different networks. One way to view it would be that remote access is a computer program

Implementing Project Management Techniques

1581 words - 7 pages There are many methods and techniques for a project manager (PM) can use to run a successful project. Some of these include: identifying the stakeholder’s roles and responsibilities, tracking measureable business outcomes, apply project controls and view monitoring the dynamics of a working project. These project management techniques are used in order to improve the project model in a baseline project plan. As a PM employs these techniques

The History of Computers (1946-1992)

1399 words - 6 pages The first electronic digital computer was called ENIAC (Electronic Numerator Integrator Analyzer and Computer), and was invented at the University of Pennsylvania in 1946. Its was constructed for military purposes. Weighing around 27 tons and was the size of a room (was about 9m by 17m). The ENIAC made loud noises, it crackled and buzzed when it was performing an equation, it also let out an incredible amount of heat since it had 17,000 vacuum

Kudler Fine Foods – Coupon Project

1240 words - 5 pages Kudler's coupon project and bring the project back on track. The implementation of Microsoft Project, which monitors the project and resources, would be used to monitor each phase of the project through its completion.ReferencesChickowksi, Ericka. (2008, November). 10 Project Chartering Tips, Baseline, 28. Retrieved November 28, 2008 from MasterFile Premier Database.Haughey, D. (2008). Project Planning A Step by Step Guide. Retrieved November 30, 2008

Similar Essays

It Sec Essay

699 words - 3 pages This tool is the tool that audits the configuration of your security posture and advises you of vulnerabilities. The Microsoft Baseline Security Analyzer combines a graphical user interface with a command line interface to allow end users of Microsoft Windows to easily asses the security state of their machines and domain. In the real world it would be used to take a snapshot of what the current security posture would be and then make

Components Of Pci Standards Essay

969 words - 4 pages organizations to access weaknesses in a working IT infrastructure. It exposes a prioritized list of issues and provides guidance to minimize those risks. Microsoft Baseline Security Analyzer is an easy-to-use tool that identifies common security related risks in a number of Microsoft products including operating systems, explorer and office suite. It provides the details on missing security update patches. Keeping your systems up-to-date is a very important way to secure your IT infrastructure. Operation Manager 2007 can securely and effectively extract and collect the logs from operating systems running windows operating system.

Vulnerability Assessment Of The Company System And Recommendations On Measures To Mitigate Or Eliminate Potential Risks

1167 words - 5 pages as they are discovered, the tool is called Microsoft Baseline Security Analyzer (MBSA) created by Mark Shavlik. MBSA can scan computers running Windows 7, XP, 2000, Vista, Office 2000, SQL Server desktop Engine, 7.0, 2000, 2005 and other systems (Simpson, Backman & Corley 2011: 211). MBSA provides built-in checks to determine Windows vulnerabilities such as blank or weak passwords, IIS and SQL administrative vulnerabilities. MBSA also provides

Regulatory Issues For Opening A Laboratory

1521 words - 6 pages FDA clearance or approval requirements.In order to perform all CLIA-waived tests in the laboratory, he needs to apply for a CLIA certificate of wavier (COW), Form CMS-116. The form collects information about the laboratory operation which is to determine the fees and the type of certificate, to establish baseline data, and to fulfill the law requirements for CLIA. Also, the form needs some basic information such as type of laboratory, hours of