AnsweredAssumed Answered

Report for Top 10 Misconfigurations

Question asked by sec_ois on Jul 15, 2013
Latest reply on Jul 17, 2013 by sec_ois

Good Afternoon,

 

I am new to Qualys and have been spending the past week on the Qualys site learning and absorbing as much as I can.

 

We recently generated a scan that served its purpose in identifying vulnerable items in our systems.

 

During a meeting I was asked to identify the Top 10 Mis-configuration Mistakes for our systems after identifying some clients where the adminsitrator account may not expire or windows accounts with unchanged passwords.

 

A couple of questions...

 

Will such configuration mistakes be listed only as vulnerabilities? Is there a way to distinguish them?

 

Any assistance would be much appreciated even if it is to point me in the right direction.

 

If possible I am also interested in identifying the # of clients affected and their computer names.

Outcomes