Network Assessment Customer Name Here!
Prepared by: CCB, Inc.
your IT resource
CONFIDENTIALITY NOTE: The information contained in this report document is for the exclusive use of the client specified above and may contain confidential, privileged and non-disclosable information. If the recipient of this report is not the client or addressee, such recipient is strictly prohibited from reading, photocopying, distributing or otherwise using this report or its contents in any way.
your IT resource NETWORK ASSESSMENT Table of Contents
1 - Discovery Tasks 2 - Assessment Summary 3 - Domain: CLIENTDOM.COM 3.1 - Domain Controllers 3.2 FSMO Roles 3.3 - Organizational Units 3.4 - Group Policy Objects 3.5 - Users 3.6 - Security Groups 3.7 - Computers in Domain 3.8 - Domain DNS 4 - Non A/D Devices 5 - Servers 5.1 - MS SQL Servers 5.2 - Web Servers 5.3 - Time Servers 5.4 - Exchange Servers 5.5 - DHCP Servers 5.6 - Hyper-V Servers 6 - Printers 7 - Network Shares 8 - Major Applications 9 - System Password Strength Assessment 10 - Patch Summary 11 - Endpoint Security and Backup 12 - Listening Ports
P ROPRIETARY & CONFIDENTIAL PAGE 2 of 251
NETWORK ASSESSMENT your IT resource
13 - Internet Access 14 - External Speed Test 15 - Internet Domain 16 - External Security Vulnerabilities Appendix I: Detailed Computer Analysis
P ROPRIETARY & CONFIDENTIAL PAGE 3 of 251
NETWORK ASSESSMENT your IT resource 1 - Discovery Tasks
This table contains a listing of all tasks which were performed as part of this assessment. Items which do not contain a check were not performed.
Task Description � Detect Domain Controllers Identifies Domain Controllers and Online status � FSMO Role Analysis Enumerates FSMO roles at the site � Enumerate Organization Units and Security Lists the Organizational units and Security Groups with members Groups � User Analysis List of users in AD, status, and last login/use, which helps identify potential security risks � Detect Local Mail Servers Mail server(s) found on the network � Detect Time Servers Time server(s) found on the network � Discover Network Shares Comprehensive list of Network Shares by Server � Detect Major Applications Major apps / versions and count of installations � Web Server Discovery and Identification List of web servers and type � System by System Event Log Analysis Last 5 System and App Event Log errors for servers � Detailed Domain Controller Event Log Analysis List of event log entries from the past 24 hours for the Directory Service, DNS Server and File Replication Service event logs � Network Discovery for Non-A/D Devices List of Non-Active Directory devices responding to network requests � SQL Server Analysis List of SQL Servers and associated database(s) � Internet Domain Analysis “WHOIS” check for company domain(s) � Password Strength Analysis Uses MBSA to identify computers with weak passwords that may pose a security risk � Missing Security Updates Uses MBSA to identify computers missing security updates � Internet Access and Speed Test Test of internet access and performance � External Security Vulnerabilities List of Security Holes and Warnings from External Vulnerability Scan
P ROPRIETARY & CONFIDENTIAL PAGE 4 of 251
your IT resource NETWORK ASSESSMENT 2 - Assessment Summary
Domain Domain Controllers 2 Number of Organizational Units 17 Users # Enabled 33 Last Login within 30 days 17 Last Login older than 30 days 16 # Disabled 19 Last Login within 30 days 0 Last Login older than 30 days 19 Security Group Groups with Users 31 # Total Groups 60 Computers in Domain Total Computers 107 Last Login within 30 days 46 Last Login older than 30 days 61 Other 3 Windows 2000 Server 6 Windows 7 Enterprise 32 Windows 7 Professional 3 Windows 7 Ultimate 4 Windows 8 Consumer Preview 1 Windows Server 2003 16 Windows Server 2008 Enterprise 1 Windows Server 2008 R2 Datacenter 2 Windows Server 2008 R2 Enterprise 11 Windows Server 2008 R2 Standard 2
P ROPRIETARY & CONFIDENTIAL PAGE 5 of 251
NETWORK ASSESSMENT your IT resource
Windows Server 2008 Standard 1 Windows Server 2012 Datacenter 1 Windows Vista Business 1 Windows Vista Ultimate 1 Windows XP Professional 22 Miscellaneous Non-A/D Systems 39 MX Records 7 MS SQL Servers 10 Web Servers 28 Printers 3 Exchange Servers 2 Network Shares 202 Installed Applications 1124 Potential or Severe Security Risks 10 Potential Insecure Listening Ports 24 External Network Security (High Risk) 2 External Network Security (Medium Risk) 0
P ROPRIETARY & CONFIDENTIAL PAGE 6 of 251
your IT resource NETWORK ASSESSMENT 3 - Domain: CLIENTDOM.COM
This section and corresponding sub-sections contain a comprehensive view of the domain.
3.1 - Domain Controllers
This section contains a listing of all Domain Controllers and their corresponding status.
Domain Controller Status UTIL01 online DC01 online
3.2 - FSMO Roles
This section contains a listing of all FSMO (Flexible Single Master Operation) roles, which are needed to operate a Windows domain.
Role Domain Controller Best Practice Schema Master UTIL01.CLIENTDOM.COM ForestWide Domain Naming Master UTIL01.CLIENTDOM.COM ForestWide PDC Emulator UTIL01.CLIENTDOM.COM DomainSpecific Relative ID (RID) Master UTIL01.CLIENTDOM.COM DomainSpecific Infrastructure Master UTIL01.CLIENTDOM.COM DomainSpecific
P ROPRIETARY & CONFIDENTIAL PAGE 7 of 251