Module 07: Critical Thinking
Critical Thinking: System Security Goals (60 points)
Assignment Details:
In an essay, answer the following questions based on this week’s module:
• How do you know if your system is meeting your security goals?
• You can verify that controls are working, but how do you know if they are getting the job done?
• What auditing practices or procedures would you implement for your organization? Why?
Deliverables:
Provide information from your readings to support your statements. Your well-written essay should be 4-5 pages in length, incorporating at least three academic resources from the Library in addition to the case study. Cite all sources using APA style guidelines, citing references as appropriate.
Security Strategies in Windows Platforms and Applications
Lesson 7
Microsoft Windows Security Profile and Audit Tools
© 2015 Jones and Bartlett Learning, LLC, an Ascend Learning Company
www.jblearning.com
All rights reserved.
Learning Objective and Key Concepts
Learning Objective
▪ Explain profile and audit tools to keep Windows systems secure.
Key Concepts
▪ Profiling Windows Security
▪ Microsoft Baseline Security Analyzer (MBSA)
▪ Performing a security audit
▪ Best practices for Microsoft Windows security audits
Profiling Microsoft Windows Security
Baseline
• A collection of configuration settings
Profiling
• The process of comparing real computer configurations to known baselines
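Profiling as defined above, as an added example that is not part of the lesson slides: a baseline and a machine's exported settings are parsed and compared. It assumes both are INF-style security template text; the sample settings and values are constructed, and the function names are the example's own.

```python
import configparser

# Constructed sample data: a baseline template and one machine's exported
# settings, in INF-style security template layout (values are illustrative).
BASELINE_INF = """\
[System Access]
MinimumPasswordLength = 14
PasswordComplexity = 1
LockoutBadCount = 5
[Event Audit]
AuditLogonEvents = 3
AuditPolicyChange = 3
"""

CURRENT_INF = """\
[System Access]
MinimumPasswordLength = 8
PasswordComplexity = 1
[Event Audit]
AuditLogonEvents = 1
AuditPolicyChange = 3
AuditObjectAccess = 0
"""

def parse_template(text):
    """Return {(section, key): value} for an INF-style security template."""
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    parser.optionxform = str  # keep the original key casing
    parser.read_string(text)
    return {(s, k): v.strip() for s in parser.sections() for k, v in parser.items(s)}

def profile(baseline_text, current_text):
    """Compare a machine's settings to the baseline and list deviations."""
    baseline, current = parse_template(baseline_text), parse_template(current_text)
    findings = []
    for key, expected in sorted(baseline.items()):
        actual = current.get(key)
        if actual is None:
            findings.append((key, expected, None, "missing"))
        elif actual != expected:
            findings.append((key, expected, actual, "mismatch"))
    # Settings present on the machine but absent from the baseline
    for key in sorted(set(current) - set(baseline)):
        findings.append((key, None, current[key], "not in baseline"))
    return findings

if __name__ == "__main__":
    for (section, name), want, got, status in profile(BASELINE_INF, CURRENT_INF):
        print(f"[{section}] {name}: baseline={want} actual={got} ({status})")
```

A machine that matches its baseline produces an empty list, so the archived output of each scheduled run doubles as the audit record.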
Security Configuration and Analysis (SCA) Security Templates
SCA MMC Snap-in
SCA Snap-in Analysis Results
SCA Command-Line Tool
SCA Command-Line Tool Analysis Results
Microsoft Baseline Security Analyzer (MBSA)
▪ Evaluates the current state of a Windows computer
▪ Compares the state to a known baseline
▪ Reports any differences as issues
• Ranks issues based on severity
• Recommends methods to fix each issue
When to Run MBSA
▪ MBSA is a convenient tool for any organization.
▪ MBSA is most helpful in the following scenarios:
• After adding new computers
• To verify compliance
• To ensure you haven’t missed important vulnerabilities
MBSA Benefits
▪ Visibility of multiple computers’ security
▪ Comparing of multiple computers’ security
• Comparing settings is difficult with stand-alone computers
▪ Identifying differences from standards
• Scanning large and small groups of computers becomes easy
MBSA Procedure
Download and install MBSA
Run MBSA and select the desired option
Scan a computer
Scan multiple computers
View scan reports
Select desired scan options
Review scan results when done
MBSA Interface
MBSA Scan Options
MBSA Scan Results
MBSA Command-Line Interface
MBSA Command-Line Scan Results
NetChk Protect Limited Scan Summary
NetChk Protect Limited Scan Results Viewed in MBSA
Secunia’s Online Software Inspector (OSI)
Secunia’s Personal Software Inspector (PSI) Simple Interface
Secunia’s PSI Advanced Interface
Windows Security Audit Activities
Windows Audits
A Windows security audit involves identifying, collecting, and analyzing information.
Make an audit plan and gather tools to make the task manageable.
Collect audit information as soon as possible.
The goal is to collect all information that an auditor can use to verify compliance or research unusual activity.
Best Practices for Security Audits
▪ Create initial baselines
▪ Develop security templates in SCA
▪ Run SCA/MBSA using command-line interface options
▪ Develop batch files to run scans and collect operational information
▪ Collect information using a set schedule
▪ Archive collected data files
▪ Maintain current backups
▪ Enable Windows auditing
▪ Do not enable Read or List auditing
Best Practices for Security Audits (cont’d)
▪ Do not enable Execute auditing on binary files e
▪ Limit enabling all auditing actions to files, folders, programs, and other resources
▪ Enable auditing for all change actions for your Windows install folder
▪ Audit all printer actions
▪ Ignore Read and Write actions for temporary folders
▪ Develop Windows policies and Group Policy Objects that are as simple as possible
Summary
▪ MBSA and its benefits
Virtual Lab
▪ Managing Group Policy Within the Microsoft Windows Environment