Instructions: Using Active Directory Group Policy Objects (GPO) or Microsoft Baseline Security Analyzer (MBSA), discuss how one would use them to secure the network. Describe the importance of having privileged and non-privileged states within an organization. List any observations, tips or questions about this lab that would prove helpful to fellow students.
This week’s lab gave me insight on how GPOs and MBSA can be used to further secure a network. Primarily, the MBSA is a tool used to scan for surface-level vulnerabilities such as password policies and security updates. After it scans the system, it will provide the initiator of the scan with a list of things it recommends should be changed, and they may make changes as they see fit. Along with the recommendations, MBSA also provides information about why it thinks certain vulnerabilities exist, and what can be compromised through them. GPOs are also a useful tool that allows sys admins to restrict certain files or actions per group of users, and also set requirements for authentication, among other things.
The principle of least privilege is something that should be applied wherever possible in an organization. Giving users the bare minimum access to systems, applications, etc. reduces attack surfaces by a considerable margin. As put by CISA’s article on least privilege: “Only the minimum necessary rights should be assigned to a subject that requests access to a resource and should be in effect for the shortest duration necessary” (Gegick & Barnum, 205 C.E.). Not only does least privilege reduce the impact of insider threats, but also the risk associated with any given account being compromised by an outside attacker.
My advice for this week’s lab is to keep two folders/documents for the labs, one for each. It helps to organize which screenshots belong to which lab for me, and likely the professor as well.
In our first week of class, in the lab specifically, we learned and used the Active Directory Group Policy Objects (GPO) to assign new users and assign permissions for those users. This week we are discussing how to secure a network with either the GPO or Microsoft Baseline Security Analyzer (MBSA). Microsoft Baseline Security Analyzer is a software tool that is actually discontinued, but the purpose of the tool was to scan Windows and the Microsoft applications that are installed on the system to try and determine if there are risks from missing security updates. The way that it could be used to secure a network is that it can test and analyze to see if the system is missing patches and updates and tell if there are any security misconfigurations. After the scan is complete, the tool will provide you with the specific suggestions for taking care of the security vulnerabilities that were found during the scan. Having individuals with both privileged and non-privileged states is known as dual operation mode. This is important to have to ensure that the system is protected from unauthorized or careless users. Privileged access gives individuals the ability to perform actions that can affect many vital systems such as computing systems, network communication, and even the accounts, files, data or the processes of the other users. The non-privileged state still allows an individual to access the system and perform tasks but not any that would affect the ability of the system. The privileged accounts are also the ones that will be monitoring and updating the system with any security updates.

