You are a database administrator for AIOTestKing.com. You manage 10 SQL Server 2005 computers. The computers reside on an isolated portion of the company’s network that has been restricted from accessing the Internet. Only intranet client computers have access to the SQL Server 2005 computers. You need to audit the SQL Server computers to identify only the missing operating system or SQL Server patches, hotfixes, and service packs. What should you do?
A.
From a client computer on the network, run the Microsoft Baseline Security Analyzer (MBSA) to scan the IP address of the 10 SQL Server 2005 computers.Configure MBSA to check for Microsoft Windows vulnerabilities, SQL Server vulnerabilities, and security updates against Microsoft Windows Update.
B.
From a client computer on the network, run the Microsoft Baseline Security Analyzer (MBSA) to scan the IP address of the 10 SQL Server 2005 computers.Configure MBSA to check for SQL Server vulnerabilities and security updates against a network Windows Server Update Services (WSUS) server.
C.
From a client computer on the network, run the Microsoft SQL Server Best Practices Analyzer.
D.
On each SQL Server computer, run the SQL Server Surface Area Configuration for Services and Connections.
Explanation:
MBSA is a tool that scans for common insecure configurations in several Microsoft products including SQL Server and Microsoft SQL Server. It can be run locally or over a network. It tests SQL Server installations for problems such as:
Too many members of the sysadmin fixed server role.
Granting of right to create CmdExec jobs to roles other than sysadmin.
Blank or trivial passwords.
Weak authentication mode.
Excessive rights granted to the Administrators group.
Incorrect access control lists (ACLs) on SQL Server data directories.
Plaintext sa password in setup files.
Excessive rights granted to the guest account.
SQL Server running on a system that is also a domain controller.
Improper configuration of the Everyone group, providing access to certain registry keys.
Improper configuration of SQL Server service accounts.
Missing service packs and security updates.