Security auditing tools help protect the availability, integrity, and confidentiality of a system or information. As a security strategy, businesses or individuals ought to determine the level of auditing or the type of security audit tool that is suitable for their environment. Security audit tools help attacks that pose a threat to your system or network, as well as attacks against resources identified in the risk assessment. This paper will delve into discussing the security audit tools for Window Microsoft. The paper will also outline the best practices for Microsoft Windows security audits.
Microsoft Baseline Security Analyzer (MBSA)
MBSA is one of the security audit tools for Windows Microsoft. This tool helps determine the security of your system based on Microsoft security recommendations (Pattanavichai, 2017). MBSA analyzes a Windows computer and detects missing patches or updates. MBSA detects common security misconfigurations. As a security strategy, organizations should run MBSA scans in their environment. An MBSA scan will provide organization-specific suggestions for remediating security vulnerabilities (Pattanavichai, 2017). In addition, it can help reduce and eliminate threats that may arise due to security configuration issues or due to missing security updates.
Delegate your assignment to our experts and they will do the rest.
The Security and Configuration Analysis (SCA)
SCA is a snap-in tool available on Microsoft Windows (Microsoft, 2018). This security audit tool is used on a computer-by-computer basis. Users can use this security audit tool to import saved configurations to a private security database (Microsoft, 2018). This helps build a database that stores a composite configuration. The configuration can then be applied to a computer. This, in turn, help analyze the current system configuration. Basically, SCA allows for security analysis and configuration.
Security Compliance Toolkit (SCT)
SCT is a set of security auditing tools for Microsoft Windows. This tool allows enterprise security administrators to “download, analyze, test, edit, and store Microsoft-recommended security configuration baselines for Windows and other Microsoft products” (Microsoft, 2019). With this tool, security administrators have the ability to effectively manage the Group Policy Objects (GPOs) of their enterprise. More to this is that enterprise security administrators can use this tool to compare their current GPOs with Microsoft-recommended GPO baselines.
SekCheck Tool
Another security auditing tool for Microsoft Windows systems is SekCheck. This tool is used to run comprehensive security audits against Supports Microsoft Windows and Active Directory (AD) (Syahri et al., 2017). This auditing tool is comprised of a number of modules, which include PC auditor, Windows firewall auditor, search event logs, and query AD. With regard to PC auditor, this module helps users or security administrators to analyze the local host for non-compliant security configuration. For example, this module can help analyze password policy. With regard to Windows firewall auditors, this module helps security administrators to audit the PC firewall settings.
Best Practices for Microsoft Windows Security Audits
There are a number of best practices that users or security administrators ought to take into account when conducting security audits for Microsoft Windows. First, is important to ensure that only the “Local Service and Network Service” accounts have the “Generate security audits” user right assigned to them. This is because the audit logs can potentially be an attack vector. This is particularly true if the account is compromised.
To sum up, there are a number of security auditing tools for Microsoft Windows. Some of the tools that have been discussed in this paper are MBSA, CSA, SCT and SekCheck tools. These four tools are the one that is widely used for auditing the security of Microsoft Windows systems. Each provides different functions.
References
Microsoft. (2018). Security configuration and analysis. [Online]. Retrieved May 24, 2020, from https://docs.microsoft.com/en-us/windows/win32/secmgmt/security-configuration-and-analysis
Microsoft. (2019). Microsoft security compliance toolkit 1.0. Retrieved May 24, 2020, from https://docs.microsoft.com/en-us/windows/security/threat-protection/security-compliance-toolkit-10
Pattanavichai, S. (2017, November). Comparison for network security scanner tools between GFI LanGuard and Microsoft Baseline Security Analyzer (MBSA). In 2017 15th International Conference on ICT and Knowledge Engineering (ICT&KE) (pp. 1-7). IEEE.
Syahri, R., Cholil, W., & Widiyati, Q. (2017). Evaluation of Management Network Security Using Sekcheck Network Evaluator. Jurnal Informatika Darmajaya , 14 (2), 169-181.