Does anyone have a checklist/framework for a SharePoint
security/vulnerability assessment?

Is any MSBA support planned for Windows SharePoint Services, specifically,
in the near future?

Any ASP.NET security/vulnerability assessment materials that people can
recmmend for assessing a WSS extranet solution?

Thanks,
Michael.