Using Group Policy Objects and Microsoft Baseline Security Analyzer for Change Control
Student Name: ________________________________________________________________
Instructor Name: ______________________________________________________________
Lab Due Date: ________________________________________________________________
There are many tools and suites designed to aid the security practitioner and the organization in implementing and managing change management. In this lab, you explored two such tools for the Windows platform: Group Policy Objects (built into the Windows operating systems) and the
Microsoft Security Baseline Analyzer (provided free of charge). You used Group Policy Objects to strengthen the organization’s password policy by adding complexity and minimum password length requirements. You scanned the Windows server with the Microsoft Baseline Security
Analyzer (MBSA) to assess its security state, and you examined the results of the Microsoft
Baseline Security Analyzer in detail.
Lab Assessment Questions & Answers
1. Define why change control management is relevant to security operations in an organization.
Proper management control need to be in place in an organization to govern the level of authority needed. Change control is a systematic way to approaching change. Within an organization, it can prevent the possibility of services becoming interrupted
2. Name six (6) policies you could enable in a Windows Domain.
Acceptable User Policy (AUP), Security Awareness Policy, Asset Classification Policy, Asset
Protection Policy, Asset Management Policy, Vulnerability Asset Management Policy
3. What is the minimum password length enforced by the Password must meet complexity requirements policy?
The complexity requirements policy states that a password must consist of at least or at a minimum of eight characters mixed with letters and numbers.
4. What sources could you use as a source