DokuWiki

After you have your ERDS and/or G2G workstations set up, software installed and configured, you will need to run the Microsoft Baseline Security Analyzer (MBSA) tool and send a clean MBSA report to CeRTNA. A clean MBSA report for both the ERDS & G2G workstations must be delivered to CeRTNA annually. Email notifications will be sent out each year, requesting the report.

Note: It is recommended that you run your Windows Update process prior to running the MBSA tool. This ensures that the updates installed on your computer will match the update catalog that the MBSA tool retrieves from Microsoft.

To generate an MBSA report, start the Microsoft Baseline Security Analyzer 2.3 program. The following screen is displayed:

Click Scan a computer

The following screen is displayed:

You can accept all the default selections.

Click the Start Scan button.

The MBSA tool will retrieve the latest update catalog from Microsoft and compare it to the updates that have been installed on your computer. It will also check a variety of other security settings, such as any incomplete software installations, multiple Administrator accounts, any users with weak or non-expiring passwords, any browser vulnerabilities, etc.

The analysis can take several minutes. While the MBSA tool is analyzing your workstation, a status panel is displayed, similar to the following:

When the analysis process completes, the MBSA tool will display a report that highlights results of the scan. The report should look similar to the following:

If your report results do not have a Green shield at the top of the report, you will need to review the report details to determine any issues that need to be resolved. Issues that have a Red icon next to them, indicate a serious issue that needs to be resolved. A Yellow shield is a Warning indicator, letting you know there is something you should consider addressing. Blue icons are listed strictly as informational and do not impact the CeRTNA reporting process.

In most cases, the typical issue that needs to be resolved is incomplete Windows Security Updates.

Each reporting line item has two and possibly three of the following:

• What was scanned
• Result details
• How to correct this

If you do not have a Green 'Strong Security' shield at the top of your report, review and attempt to resolve the items that are flagged. As you correct each of the items, you can re-run the MBSA tool to obtain an updated report.

If you have a Green 'Strong Security' shield at the top of the report, you can click the 'Print this report' link that is on the bottom of the page and print the report to either a PDF printer or to Microsoft's XPS printer format. CeRTNA will accept either format. Send the printed report to your CeRTNA contact via e-mail.