
Microsoft Baseline Security Analyzer (MBSA)
Duration: 2 Hours
Learning Outcomes
By the end of this laboratory session, you should be able to:
1. Install the MBSA
2. Run the MBSA using GUI

Hardware/Software:
1. PC installed with Windows operating system.
2. MBSA installation file.

Activity A
Activity Outcome: Install the MBSA
Procedure

Step 1: Browse to where you've downloaded the MBSA, double-click it, and click Run.
Step 2: If prompted by User Account Control, click Yes to continue. Review the information
on the Welcome page and click Next.
Step 3: Review the license agreement, select I Accept the License Agreement, and click
Next.
Step 4: Accept the default destination folder and click Next.
Step 5: Click Install on the Start Installation page.
Step 6: When the installation completes, click OK.

Activity B
Activity Outcome: Run the MBSA using GUI

Procedure

Step 1: Click Start > All Programs > Microsoft Baseline Security Analyzer to launch
MBSA. If prompted by User Account Control, click Yes to continue.
Step 2: Click Scan a Computer. It will default to the selection of your computer. Review the
options, and accept the default settings.
Step 3: Click Start Scan. After a moment, the scan will complete and the report will appear.
Step 4: Review the report, and investigate any issues that are reported.
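
Two of the checks the MBSA report covers, the Guest account and local account passwords, can be re-checked from PowerShell while investigating the report. This is an added example, not part of the original lab sheet; the function name Get-LocalAccountFinding is hypothetical, and it assumes Windows PowerShell 5.1 or later with the built-in Microsoft.PowerShell.LocalAccounts module, run from an elevated prompt.

```powershell
# Added example: re-check two MBSA findings on the local machine.
# Get-LocalAccountFinding is a hypothetical helper name, not an MBSA command.

function Get-LocalAccountFinding {
    [CmdletBinding()]
    param()

    foreach ($user in Get-LocalUser) {
        $sid = $user.SID.Value
        # The built-in Guest account always has RID 501, even when it has
        # been renamed or the Windows display language is not English.
        $isGuest = $sid -match '^S-1-5-21-.*-501$'

        $issues = @()
        if ($isGuest -and $user.Enabled) {
            $issues += 'Guest account is enabled'
        }
        if ($user.Enabled -and -not $user.PasswordRequired) {
            # The account is allowed to have a blank password; this flag
            # does not prove that the password actually is blank.
            $issues += 'Password not required'
        }
        if ($user.Enabled -and -not $isGuest -and $null -eq $user.PasswordLastSet) {
            $issues += 'Password has never been set'
        }

        if ($issues.Count -gt 0) {
            [pscustomobject]@{
                Name   = $user.Name
                Sid    = $sid
                Issues = $issues -join '; '
            }
        }
    }
}

$findings = @(Get-LocalAccountFinding)
if ($findings.Count -eq 0) {
    'No enabled Guest account or password-optional local accounts found.'
} else {
    $findings | Format-Table -AutoSize -Wrap
}
```

An enabled Guest account reported here can be turned off with Disable-LocalUser, after which the MBSA scan can be repeated to confirm the finding has cleared.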

Exercise
1. Explain the importance of MBSA.
The MBSA can help you stay on top of regular network auditing tasks by scanning both
local and remote Microsoft systems for common security misconfigurations. It can also
identify missing security updates and service packs available through the various
Microsoft Update technologies, helping to ensure all machines are patched correctly.

2. Scan the host and show the report. What can you conclude about the host?

Local account password test
- Some user accounts have blank or simple passwords or could not be analysed
Guest Account
- The Guest account is not disabled on this computer

3. Can MBSA scan multiple servers and give the patches needed? Explain your answer.
Yes, because MBSA scans multiple servers and gives the patches
needed. MBSA can scan the computer for insecure configuration settings.
4. List open source security and network scanning tools for Linux.
i. Nmap - map your network and ports with the number one port scanning tool.
Nmap now features powerful NSE scripts that can detect vulnerabilities,
misconfiguration and security related information around network services.

ii. Nikto - a web server testing tool that has been kicking around for over 10 years.
Nikto is great for firing at a web server to find known vulnerable scripts,
configuration mistakes and related security problems.

iii. OpenVAS - open source vulnerability scanning suite that grew from a fork of the
Nessus engine when it went commercial. Manage all aspects of a security
vulnerability management system from web based dashboards.
