Monday, August 29, 2011

Auditing with MMC's Security Configuration and Analysis Snap-In

Here's an auditing trick I had never used before.  I'm sure I should be able to script this information from the registry.  But, until I find where this information, here's what we did:

Open MMC
File -> Add/Remove Snap-in...
Chose "Security Configuration and Analysis"
Click Ok
In the main window, right-mouse-click on Security Configuration and Analysis
Choose Open Database
We created a temp database.
When asked for the .inf file, we pointed to the .inf files we grabbed from the DISA benchmarks.
Right-mouse-click on Security Configuration and Analysis, again
Choose Analyze Computer Now
DO NOT CHOOSE Configure....
MMC will analyze the computer against the settings in the DISA .inf file.

When it is doen, I double-clicked the individual policys, and exported them to our results directory.

1 comment:

  1. Was just wondering if you ever found out how script this and retrieve results via the registry...

    ReplyDelete