SCCM Vulnerability Assessment Configuration Pack

[anyweb]

This Configuration Pack helps track common software mis-configurations which might make client computers more vulnerable to attack.

 

Software installation errors and misconfigurations compromise security and stability, resulting in escalated support costs.

 

System Center Configuration Manager 2007 Vulnerability Assessment Configuration Pack can help prevent errors, increasing your organizational uptime and helping you build a more secure infrastructure. This configuration pack provides vulnerability assessment reporting for common software misconfigurations using the desired configuration management component in Configuration Manager 2007. The Configuration Manager 2007 Vulnerability Assessment Configuration Pack monitors the configuration of Microsoft Windows operating systems, Internet Explorer, Microsoft Office, SQL Server, and Internet Information Services (IIS). To use this Configuration Pack, import and assign the three configuration baselines (Vulnerability Assessment: IIS Baseline, Vulnerability Assessment: SQL Server Baseline, Vulnerability Assessment: Windows Baseline) to a collection containing the computers you want to monitor. To understand in detail what each configuration item will be evaluating, review the properties of the configuration item.

 

Scenarios:

 

• Scan for potential security issues that may exist because of misconfigurations.

• Example checks:

o Are unnecessary services installed and running?

o Do shared folders have appropriate permissions?

o Is Windows Firewall enabled?

o Are strong passwords enforced?

o Are unsecured guest accounts enabled?

 

download it here