Active Directory GPO and MBSA Responses

Provide (2) 150 words response with a minimum of 1 APA references for RESPONSES 1 AND 2 below. Response provided should further discuss the subject or provide more insight. To further understand the response, below is the discussion post that's discusses the responses. 100% original work and not plagiarized. Must meet deadline.

RESPONSE 1:

1. Using Active Directory Group Policy Objects (GPO) or Microsoft Baseline Security Analyzer (MBSA) discuss how one would use them to secure the network.

Both of these tools are great for securing a network, especially when used together. Microsoft Baseline Security Analyzer can be used to scan a network for insecure configuration settings. If activated to do so, it can also continuously check for updates. The upside for this program is that it is completely free. This usually means that the product is not very good. This is not the case with this product, Microsoft has enough users out there that even though the product is listed as free, you are in a way paying for it by using Microsoft products, this is just a way for them to secure their own products. GPO's on the other hand make it much easier to administer security profiles on the network, instead of having to create profiles for each individual person, you can create group profiles and cluster people together based on a shared department for example. 

2. Describe the importance of having privileged and non-privileged states within an organization.

It is important to have privileged and non-privileged states because you don't want everyone to have the same level of access to information. That could lead to security breaches, but by creating levels of privilege, you ensure that employees have access to only what they need to do their jobs, thus limiting the exposure of any sensitive information.

RESPONSE 2:

GPOs or Group Policy Objects are useful when it comes to securing a network and implementing policies. A downside to GPOs, as I have seen is, if they are not adequately maintained as in cleaned up once in a while, GPOs can override or negatively impact existing GPOs.

Specific policies can be written to help secure a network. Some of these policies include disabling a machine that hasn’t checked into SCCM in more than 30 days. When this happens, it means that a device is not pulling the latest patches and security updates. By having a policy in place, the device will be disabled from the network and moved to a disabled organizational unit within active directory. Per Lepide.com, other policies can include “Preventing Windows from Storing LAN Manager Hash.” The site pointed out that Windows automatically stores both LAN Manager and Windows NT passwords in the local Security Accounts Manager (SAM). The site also mentions that you can set a GPO that will tell devices on the network not to store these hash values, which are susceptible to hacking.

The importance of having privileged and non-privileged states within an organization help with delegate and differentiating user access from administrator access. Even further, it can also be used to drill down the separation of access beyond the administrators as not all administrators require access to the same devices and applications. By having this separation, it’s keeping users with the need to know and access needed for their daily duties well defined and prevents any non-authorized users from gaining access to systems they don’t require access to.