This assignment will resolve the various compliance issues identified in the vulnerability scan, by configuring several settings and security controls in Group Policy and distributing the configuration throughout the domain. After configuration, another scan will be accomplished to provide representation of an improved security posture within the domain.
Group Policy Templates help manage user settings, computer settings, file/folder profiles, directory services, registry settings, and more. This exercise will also use the Microsoft Security Compliance Manager (SCM) to implement security measures and hardening practices to the servers within the domain.
For all servers: Turn on automatic updates and begin downloading, installing, and restarting your servers (ensure update KB2919355 is installed). System Security updates are critical and baseline patches to various installed applications and operating system components
Note: A vulnerability scan can provide both vulnerabilities (security updates, patches, open ports, etc.) and compliance (security configuration and policy settings) results.
Domain controller:Obtain the results from the vulnerability scan that you performed in the Security Controls Analysis Assignment and follow the procedures in "ITT-430 Domain Controller Group Policy Management Instructions," to import and apply the new Group Policy settings throughout the domain.
- Correct as many failures as possible, reducing the overall rate by 20% on the domain controller.
- Deploy changes throughout domain.
- Rescan member server.
- Provide screen shot of results displaying improved security score.
- Goal: Reduce the failures by 20%.
Attach screenshots of your final scan results into a single MS Word document and submit as directed.
APA style is not required, but solid academic writingis expected.
Refer to "ITT-430 Benchmark – Deploy Security Measures with Group Policy Checklist" prior to beginning the assignment to become familiar with the expectations for successful completion.