Security state assessment checks
Applies To: Forefront Client Security
This section provides detailed descriptions about each SSA check supported by Client Security, including how Client Security determines the score for a check and the results message that appears in SSA-related reports for each score.
Note
The parameters of SSA checks are not configurable. For example, you cannot change which services the Unnecessary Services check identifies as possible vulnerabilities.
Note
Client Security does not currently support custom SSA checks. You cannot create checks or use third-party checks.
The following table describes the possible vulnerability scores. If Client Security assigns a vulnerability score of Low or Informational, the vulnerability does not appear in reports.
| Score | Description |
|---|---|
High |
The computer is at high risk of exploitation by a threat. |
Medium |
The computer is at moderate risk of exploitation by a threat. This could indicate that exposure to the vulnerability is mitigated by the configuration of the computer. |
Low |
The computer is at low risk of exploitation by a threat. Note The Client Security agent does not report check results with a Low score to the collection server. The events remain in the Application log on the client computer. |
Informational |
No risk level is assigned. Use the information to assess the risk level of the vulnerability. Typically, when the settings examined by an SSA check are configured by Group Policy on the scanned computer, the resulting score is Informational. It is assumed that settings configured by Group Policy conform to your organization's standards and are therefore intentional. Note The Client Security agent does not report check results with an Informational score to the collection server. The events remain in the Application log on the client computer. |
Error |
No risk level could be determined. The console encountered an error. This could indicate an invalid or unexpected configuration for the computer. |