Detecting Windows Vulnerabilities

Lab Steps

Logging into the Microsoft Azure Portal
Connecting to the Lab Host Virtual Machine Using RDP
Detecting and Analyzing Vulnerabilities in Windows

Ready for the real environment experience?

Time Limit30m
star star star star-border star-border


Most estimates put Microsoft's Windows operating system running on the vast majority of Desktop computers. With such a large installed base, Windows systems are attractive targets for attackers. This Lab will detect and analyze the vulnerabilities of a Windows host. You will learn how to prevent having vulnerabilities exploited and learn how to investigate specific vulnerabilities. Host security is one layer in a multi-layered security strategy. This Lab focuses on host security and does not discuss other layers such as network and application security.

The Windows host that you will check for vulnerabilities is a Windows 7 virtual machine running in a Hyper-V virtual environment.

This Lab is designed for the CREST Practitioner Security Analyst (CPSA) certification examination but is of value to security practitioners in general.

Learning Objectives

Upon completion of this Lab you will be able to:

  • Understand different categories of host vulnerabilities
  • Learn how to protect against host vulnerabilities
  • Find out more information about specific vulnerabilities
  • Learn about Windows tools that can help identify system vulnerabilities

Intended Audience

This Lab is intended for:

  • CREST CPSA certification examinees
  • Security practitioners
  • Windows administrators


You should be familiar with:

  • Working with the Windows operating system at a basic level
Environment before
Environment after

About the Author

Learning paths12

Logan has been involved in software development and research since 2007 and has been in the cloud since 2012. He is an AWS Certified DevOps Engineer - Professional, AWS Certified Solutions Architect - Professional, Microsoft Certified Azure Solutions Architect Expert, MCSE: Cloud Platform and Infrastructure, Google Cloud Certified Associate Cloud Engineer, Certified Kubernetes Administrator (CKA), Certified Kubernetes Application Developer (CKAD), Linux Foundation Certified System Administrator (LFCS), and Certified OpenStack Administrator (COA). He earned his Ph.D. studying design automation and enjoys all things tech.

Covered Topics