Question

You are the senior system administrator in your company and are known for your Active Directory expertise. Your specialty is Group Policy Objects (GPO) and tracking changes. Your boss tells everyone about a tool developed by Microsoft called “Policy Analyzer” for tracking changes and troubleshooting GPO. He would like you to conduct a “lunch and learn” about Policy Analyzer for your Windows Administration Team. You realize that the product’s name has been changed to “Microsoft Security Configuration Toolkit”. Diplomatically conduct the lunch and learn and discuss the history of the tool, the name change, the features of the product and the benefits to your Windows Administration team in managing GPO.

A minimum of two references is required one of which can be your textbook.

<Insert your 1-2 page Lunch and Learn document with references cited in APA format>

Textbook info

Windows Server 2016 Administration Fundamentals

ISBN: 9781788626569

please provide a full new answer

Answer 1

Lunch and learn on “Microsoft Security Configuration Toolkit”

(Below discussed are the main points to be discussed in the lunch and learn event)

History of the tool policy analyser:

· The policy analyser was published on Technet on January 22,2016

· It was a tool used for analysing and comparing the GPO

· GPO is a feature provided by Microsoft

· GPO is a group of settings which say about how the system will behave and what the system will look for specific group of users

· Its mainly associated with some sites or some active directory containers etc.

· The tool allowed the view of all GPOs as a single unit

· Its mainly used to check whether some particular settings is duplicated among any GPOS

· Or if there are some conflicting value set in any GPOs

· All the observations and findings of this tool was able to be converted to a Microsoft spreadsheet file.

· After the policy analyser there came a new launch on 2010 which was SCM or security compliance manager

· This was a combination of many new functionalities like:

1. There was security recommendations based on GPO

2. Had shown and explained the threats and counter measures for each settings

3. Feature for create and edit the baselines and also to compare them and many more….

· But the disadvantage of this was, the SCM was very complex program

· It proved inflexible due to many reasons

· And also was unwelcomed by the users eventhough it had great new functionalities.

· This paved the way for Microsoft security configuration tool kit

About the name change:

· First the tool was called POLICY ANALYSER

· Then a new tool with same functions and added new functions which was an updated version of policy analyser came, SCM - security compliance manager

· Then the most updated Microsoft security configuration tool kit came into action

Feature of Microsoft security configuration tool kit:

· It was a combination of two policies

· They were the policy analyser and LGPO

· It also had some set of baselines enabling its use in different Windows versions.

· The policy analyser had the same features it had before.

· And adding to that the new concept of LGPO was introduced.

· LGPO ,Local Group Policy Object Utility is a transfer tool

· It helps in direct transfer of the Group policies between host registry and the backup files of a GPO

· Host registry is responsible for setting the domain policies and managing the registration etc of the host.

· All the LGPO transfers were done bypassing the domain controller

· A domain controller is a server mainly used for data organisation and providing security, which deals with the activities like, authentication request processing and verification of user on the given computer network.

· LGPO helps the administrators a lot, because its an easy way of verification of their group policy settings by the administrators.

· Security baselines were available as downloadable spreadsheet or as GPO backups.

· It’s a collection of Microsoft recommended configuration settings, it also explains their security impact.

· It was a kind of guidance provided by Microsoft for some selected group policy settings

Benefits of the tool in managing the GPO:

· It is having very less complexity

· Very easy to test and do the trouble shooting

· Allows easy configuration of local computers by easily helping it to apply the settings into some secure template into the local policy of the system

· The policy analyser helps in easy comparison between the GPOs for any differences or for some kind of issues between them.

· The baseline of the system is made available so that it can be referred in the coming time for checking and finding any kind of change occurred

· Using the LGPO tool ,settings could be loaded from registry policy files, LGPO text files and could be easily applied

· It was possible to make updations or edits to existing group policy backups

· LGPO was also used to test the updated backups by loading it into some host, so the tesing was made easy.

· After the testing completed, and if it succeeds,then the revised backup could be used as new group policy also.

REFERENCES:

https://docs.microsoft.com/en-us/windows/security/threat-protection/security-compliance-toolkit-10

https://techcommunity.microsoft.com/t5/microsoft-security-baselines/new-tool-policy-analyzer/ba-p/701049

https://www.scip.ch/en/?labs.20200305

APA format guidelines:(the above given points should be presented in the given format)

1.use Times Roman format for the texts

2.use a text size of 12pt

3.there should be page margin provided(1 inches should be the margin width)

4.double spacing should be provided between the rows of lines, that is from the normal spacing between rows of words give tha double of that in APA format.

5.there should be a title or running head for every pages

6.every new paragraph should be intended with a spacing of 1/2 inches between the two paragraphs.