CompTIA Security+ Lab #6 - GPO Analysis via Policy Analyzer

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

part of microsoft security compliance toolkit is the policy analyzer this tool is used to identify weak configuration settings in the current domain network policies in this video we will be doing a demo on how to make use of microsoft's policy analyzer [Music] as per microsoft's website policy analyzer is a new tool that was released on technet on january 22nd 2016 and as i read it states that policy analyzer is a utility for analyzing and comparing sets of group policy objects it can highlight when a set of group policies has redundant settings or internal inconsistencies and can highlight the differences between versions or sets of group policies now the updated policy analyzer can be downloaded as part of the microsoft security compliance toolkit so as you can see in here it says that this set of tools allow enterprise security administrators to download analyze test edit and store microsoft recommended security configuration baselines for windows and other microsoft products while comparing them against other security configurations part of the compliance toolkit are the following files so you've got the windows 10 security baseline policy analyzer microsoft edge security baseline and so on and so forth for this demo what we'll do is we'll first go to the group policy manager so that we can actually download a backup of our group policies so i'll just go for windows administrative tools and then the gpm and then just go to my group policy management i'll just expand my forest as well as that of my domain and then i'll then just go to my group policy objects what i first wanted to do would then be to go to the 515 support domain policy right click and then back up as for the location i'll just browse in here i'll go for administrator for example go for documents and let's say i'll create a new folder and name it as gpo or group policy object and i'll click on ok once we have set the location we can now click on backup so what this one will do is that it will create a backup of our policy and then we'll save it onto the folder that we have just identified from premiere and yeah there you go so it says the backup of the policy has succeeded now now click on ok what i'll do as well is that i will likewise create a backup of the default domain policy so when it's once again i'll just click on backup i'll keep the location and then click on backup now that we already have a backup of our group policy objects i can now load them into my policy analyzer so what i'll do is i will then just click on add and then file and add files from gpos however instead of going through my group policy management once again because i already have a backup of my gpo i can then just click on the gpo folder where we have backed up our group policies so click on select folder and that's it so we now have all of these ones i can now click on import for which i can then name this say for example current policy or current gpo and then click on save okay it's now ready to be analyzed what we can then do is we'll also add the template coming from policy analyzer so once again i'll go for file add files from gpos and now then just browse for the template coming from the policy analyzer so as you notice the template coming from the policy analyzer from microsoft contains so many policies right so then just click on import for this one and i would name this as my template now click on save okay so earlier we had the current gpo and this one is the template right so what we intend to do now is to compare those two policies we will be comparing our current policy versus that from the policy analyzer so i'll then click on view and compare with the policy comparison you can see here on the left hand side the policy type we've got the policy group or registry key the policy setting and then the identification of our current gpo versus that of the template if there would be any differences or conflicts you can actually see them highlighted in yellow like say for example for this one we see that in some of the audit policies there are conflicts and then right down below you can then read or see the details about that particular conflicting policy as for this particular case we can see that well for this particular policy my current gpo is set to no auditing whereas the template is advising that we should have an audit for success and failure pretty good isn't it because at least we can see which policies we needed to update when we browse further we can also see in here for example here would be for the secure protocols and then say for example for system access whereby the current gpo says that it is disabled whereby the advice for the template is that this particular system need to be enabled and that's it well i hope you learned something and if you have any other topics in mind that you would like me to cover please leave them in the comment section down below and once again please don't forget to click the like share and subscribe see you in the next video

Info

Channel: Jarrel Rivera

Views: 1,524

Rating: undefined out of 5

Keywords: comptia, security+, sy0-501, sy0-601, security plus, gpo, group policy, analysis, gpo analyzer, gpo analysis, security, compliance, policy analyzer, toolkit

Id: 2AaGrvOTAsg

Channel Id: undefined

Length: 6min 34sec (394 seconds)

Published: Sun Jun 13 2021