(YOUR INSTALLED ITEMS WILL LIKELY BE DIFFERENT FROM THOSE SHOWN HERE

8. - MCSA MCSE EXAM 70 296 STUDY GUIDE PHẦN 7 POTX 8. - MCSA MCSE EXAM 70 296 STUDY GUIDE PHẦN 7 POTX 8. - MCSA MCSE EXAM 70 296 STUDY GUIDE PHẦN 7 POTX 8. - MCSA MCSE EXAM 70 296 STUDY GUIDE PHẦN 7 POTX
MCSA MCSE EXAM 70 296 STUDY GUIDE PHẦN 7 POTX
8.65. (Your installed items will likely be different from those shown here.)

Figure 8.65

Checking Previously Installed UpdatesThat’s all there is to analyzing your computer with Windows Update. Later in thischapter we examine the rest of the steps to use Windows Update to select and installupdates onto the local computer.

The Microsoft Baseline Security Analyzer

The Microsoft Baseline Security Analyzer (MBSA) is a GUI-based tool that Microsoft devel-oped to detect common security misconfiguration and weaknesses.The MBSA tool can alsobe used from the command line if desired.The current version of MBSA, version 1.1, can berun on a Windows 2000,Windows XP, or Windows Server 2003 computer; it scans formissing hotfixes, weaknesses, and vulnerabilities in the following Microsoft products:

Windows 2000 Professional, Server, and Advanced Server

Windows XP Professional

Windows NT Workstation 4.0, Server 4.0, and Enterprise Edition Server 4.0

SQL Server 7.0

SQL Server 2000 Standard, Enterprise, and Conferencing Server

Internet Information Server 4.0

Internet Information Services 5.0

Internet Explorer 5.01 and later

Office 2000

Office 2002 (XP)MBSA uses a modified version of the HFNetChk tool to scan for missing hotfixes, ser-vice packs, and other updates. At the completion of the scan, an individual XML outputreport is created for each computer that has been scanned.This report can be viewedimmediately after the completion of the scan or later.When MBSA is executed from theGUI, reports are placed in the SecurityScans folder, which is located in the profile of theuser who ran the scan.For example, if a user named Andrea ran the scan, she could expect to find scan reportslocated at C:\Documents and Settings\Andrea\SecurityScans or wherever her profile pathis pointed.You can use the /f switch to change the location of the output file when you’rerunning the MBSA tool from the command line.In Exercise 8.07, we examine how to use the MBSA tool from the GUI to examine alocal computer and determine its current status. In Exercise 8.08 we perform the same task,this time from the command line. Using the MBSA tool as part of a script or batch file, youcould schedule a regular scan of all your network computers and then examine the resultsafter the scan has completed.You should consider performing a scan such as this one at leastonce per week as your specific situation dictates.The basic syntax of the MBSA tool from the command line is:

msbacli.exe [/c domainname\computername] [-i ipaddress] [-d domainname]

[-r range] [/n IIS] [/n OS] [/n password] [/n SQL]

[/n hotfix] [/o %domain% - %computername% (%date%)]

[/e] [/l] [/ls] [/lr report name] [/ld report name]

[/qp] [/qe] [/qr] [/q] [/f]

Table 8.4 details the function of each mbsacli.exe switch.

Table 8.4

The mbsacli.exe SwitchesSwitch Explanation/c domainname\computername Performs a scan on the selected computer.-i ipaddress Specifies the IP address of the computer to be scanned. If not specified, the default is the local computer.-d domainname Specifies the domain name to be scanned. All eligible computers in the domain will be scanned.-r range Specifies the inclusive IP address range that is to be scanned in the format start_IP-end_IP—for example, 192.168.0.100-192.168.0.199./n IIS Specifies that IIS checks are to be skipped. The /noptions can be added together, such as /n IIS+OS+SQL./n OS Specifies that operating system checks are to be skipped./n password Specifies that password checks are to be skipped./n SQL Specifies that SQL checks are to be skipped./n hotfix Specifies that hotfix checks are to be skipped./e Lists errors from the latest scan./l Lists all reports available for viewing./ls Lists all reports from the latest scan./lr report name Displays an overview of the specified report name./ld report name Displays a detailed version of the specified report name./qp Specifies that the progress of the scan is not to be shown./qe Specifies that the error list is not to be shown./qr Specifies that the report list is not to be /q Specifies that the progress of the scan, the error list, or the report list are not to be /f Specifies that output is to be redirected to a file.

E

XAM

W

ARNINGAs with the HFNetChk tool discussed later in the chapter, taking some time tobecome familiar with the switches that can be used with the command-line versionof MBSA could help you on exam day. You might be given one or more answersthat require you to know whether or not a particular switch will achieve thedesired result.