A minimum of 200 words is required for each discussion question, and they must be your own words. Including figures and quotes is value-added, but they will not count against your 200 word requirement. Be sure to examine the discussion grading rubric.
Discussion Question 1:
Describe a role that WSUS and Windows Defender play in securing a Windows Network Infrastructure. What should be the policy be to keep the nodes on your network updated with the latest security updates?
Discussion Question 2:
Describe in detail some of the aspects of DHCP related to Windows Server 2016 including leases, scopes, and commands, etc. Explain how DHCP is installed and configured on Windows Server 2016.
Respond in your own words your opinion or add on, to the following response with 1 paragraph or more:
WSUS is Windows Server Update Services and is a Microsoft provided program that will auto-update systems on a network for users throughout the network without having to go to each machine individually and manually updating them. It has many options to customize the update for the company for when the update is to happen. Windows Defender is a security program that Windows offers on all windows system. It is able to be customized with the option to allow certain programs to run on specified user accounts and not to run on others. Windows Defender is also able to be configured with specified rules for what specific programs to look for when scanning.
Policy that should be used to keep the network up to date when using Windows Defender and WSUS are allowing automatic updates on the network so that the security is up to date. Another option to run is the enabling of the delay restart, as this will tell a user they have 15 minutes before the system will restart the machine and it cannot be delayed or set the specified time that will elapse before the restart happens. (Coreyp-At-Msft, n.d.) This may seem cruel if a user is working on a big file but it guarantees that a user cannot postpone an update indefinitely. Another option to add is the enable update by forcing machine from sleep mode. This way the machine will update even if it is in sleep mode and no one is working on it to prompt the update.
The WSUS-Windows server update may be a patch as well as update part of the Windows server and could provide a good and fast protection. In particular, both the WSUS as well as Windows defender often serve a complementary function in providing protection to a particular system. In this case, the Windows defender is especially Microsoft’s stock anti-virus or anti-malware program, and is standard with different versions of Windows. Its earlier versions were only able to protect against spyware but current versions have the capacity to protect all kinds of malware and threats to systems. As such, the Windows server improves the security state of an individual node or system and is part of security option for most system administrators used to enhance security on different networks.
Equally, WSUS also works jointly with the Windows defender, especially when it comes to providing security to networks. In this case, WSUS stands for Windows server update services and is classified as Microsoft’s live patching instrument. It is also a utility, which comes in standard with Windows server installations. It can also be activated on OS and is fundamentally important working with Windows Defender given that Windows defender is signature based, which suggests that it depends on stored series of known malwares in detecting, isolating, and preventing different threats, risks, as well as attacks.
It is similarly critical that Windows defender remain up to date so that new and known variants of malware could be identified and perhaps prevented from attacking any system. Ensuring that Windows defender is regularly updated could be achieved through integrating it with the WSUS as well as Windows update as shown in the following images.