Lab 3A-3: Windows OS Hardening and Local Policy
Purpose
The purpose is to use various tools available with which to secure the Windows operating systems, and then some policy templates that can be implemented for immediate improvements in system security.
Tools
Windows Update service, Microsoft Base Line Security Analyzer (MBSA), Windows Security Scoring Tool
Procedures
- Press Start button --> All programs --> Windows Update - Download a MBSA from http://www.microsooft.com/technet/security/tools/mbsahome.mspx, install it, and run it. It is going to provide you with a list of all items, both, secure and non-secure ones. It it is also provide you with suggestions how to fix their security issues. - Download a Windows Security Scoring Toool from http://www.cisecurity.org/sub_form.html, install it, and run it. It is going to provide you with the security score of your overall security and of the security of individual components dealing with it, f. i. accounts.
Results
The particular computer I was using didn't have any of the patches installed, so the first thing was to run Windows Update and install them. After installing all required patches I run MSBA. It found many different security loopholes, ranging from allowed anonymous logon on my computer, until some additional Windows patched that I have not installed. My score on WSST was in the midrange.
Time
35 min
Reflection
These are useful tools for a network security administrator so he can protect the network and the systems on the network. Mozilla has also better security implementation than the Internet Explorer. Mozilla also offers a number of interesting and convenient features such as tabbed browsing and native support for disabling pop-ups.