You are working as an administrator at ABC.com. The ABC.com network consists of a single
Active Directory domain named ABC.com which contains Windows Server 2003 servers Windows
XP Professional client computers.
You want to improve network security and need to pinpoint all computers that have the known
vulnerabilities.
What should you do to automate the process of collecting information on existing vulnerabilities for
each computer, on a nightly basis?
A.
By scheduling secedit to compare the security settings with a baseline and run on a nightly
basis.
B.
By installing Anti-Virus software on the computers and configuring the software to update on a
nightly basis.
C.
By configuring a scheduled task to run the mbsacli utility on a nightly basis.
D.
By having Microsoft Baseline Security Analyzer (MBSA) installed on a server on the network.
E.
By configuring Automatic Updates to use a local SUS server and run on a nightly basis.
F.
You configuring Automatic Updates to run on a nightly basis and use the Microsoft Updates
servers.
Explanation:
We can schedule the mbsacli.exe command to periodically scan for security
vulnerabilities.
Reference:
Martin Grasdal, Laura E. Hunter, Michael Cross, Laura Hunter, Debra Littlejohn Shinder, and Dr.
Thomas W. Shinder, Planning and Maintaining a Windows Server 2003 Network Infrastructure:
Exam 70-293 Study Guide & DVD Training System, Syngress Publishing, Inc., Rockland, MA,
Chapter 11, p. 830