### `author` Alex Mwaura # Windows server gap analysis Requirements - fundamentals Security concepts ## Key take aways - Apply security principles to secure enterprise infrustructure - Perform risk analysis - Understand security controls in windows baseline ## Step 1: Locate your windows version using the search tool, in the toolkit for example   note down your windows version, for example `Microsoft Windows Version 22H2` ## step 2 Go to your browser and locate where the compliance toolkit is hosted and Download it. For example; search `microsoft compliance toolkit`, or [here](https://www.microsoft.com/en-us/download/details.aspx?id=55319)  ## step 3 Extract the files. - Locate the policyanalyzer.exe and launch    ## step 4 Choose the baseline policy rule. - pick the folder containing the policyanalyzer policy rules files  Choose `Documentation` as the folder to open  You should see something like this in your policyanalyzer tool  - Select, then choose view/compare, this will tell you of your current security policy [**Click yes if promted**]  - Select, then choose gap analysis i.e Compare \ Effective State [**Click yes if promted**] **yellow means, there is a difference between the baseline and effective state.**  Congratulations, you are done.