Microsoft Windows Security Resource Kit
Chapter 24
Using Security Assessment Tools
Once you have implemented a security baseline configuration on your Microsoft Windows 2000 computers, you should periodically review the security configuration by using security assessment tools. These tools allow an administrator to perform two separate yet related tasks:
- Identify when computers deviate from the established security baseline.
Security assessment tools can identify when a computer s configuration has been modified, which would result in weaker overall security of the host.
- Identify new risks to computers.
Assessment software can scan for newly discovered vulnerabilities by detecting whether recent hotfixes have been applied or by determining that recommended security configurations have not been implemented on scanned hosts.
This chapter discusses how to implement security assessment tools to perform these tasks.