DETAILED ACTION
Notice of Pre-AIA  or AIA  Status
The present application, filed on or after March 16, 2013, is being examined under the first inventor to file provisions of the AIA .

Acknowledgements
This communication is in response to
Application claim amendments filed on 10/12/2021, and 
Authorization for the below examiner’s claim amendments was given by Phone by Mr. Arvind Reddy (Reg. No. 63,007) on 04/06/2022.

The amendments filed on 10/12/2021 have been entered.
The below specification amendments overcome the specification objection previously set forth in the Office Action mailed on 07/12/2021.
The below claims amendments overcome the claim objections and the USC 103 rejections previously set forth in the Office Action mailed on 07/12/2021.
Terminal disclaimer filed on 04/07/2022 overcome the Double Patenting rejection in view of application 15/084,542, now US Patent US 10445506 B2, previously set forth in the Office Action mailed on 07/12/2021.

An examiner’s amendment to the record appears below. Should the changes and/or additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the payment of the issue fee.

Examiner’s Amendment
Note: Proposed amendments marked manually with underlining and 

Specification
Please amend paragraph [0045] in the specification of the instant application as follows.
[0045] “The management service 116 

Claims
1. (Currently Amended) A method of analyzing a computing device prior to
enrolling the computing device with a remote management service, comprising: 
initiating an enrollment of the computing device with the remote management service; 
determining that the remote management service requires a vulnerability scan of the computing device to be performed prior to enrolling the computing device with the remote management service; 
installing a configuration profile received from the remote management service,  wherein the configuration profile specifying a restriction for the computing device and a location of an installation package of a vulnerability detection component; 
installing the vulnerability detection component in the computing device, the vulnerability detection component being installed by executing the installation package obtained for the vulnerability detection component from [[a]] the location specified by the configuration profile; 
requesting the vulnerability detection component to perform a vulnerability scan of the computing device; 
transmitting a result of the vulnerability scan to the remote management service; and 
performing one or more remedial actions in response to the result of the vulnerability scan, 
wherein the remedial actions include: 
associating the computing device with a quarantine state within the remote management service when the result of the vulnerability scan indicates that a vulnerability is present in the computing device, wherein the quarantine state restricts the computing device to access to a subset of the services provided by the remote management service, and
receiving a replacement configuration profile with stricter restriction from the remote management service when the result of the vulnerability scan indicates that a vulnerability is present, the replacement configuration profile preventing access to enterprise resources.

2. (Original) The method of claim 1, further comprising authenticating the vulnerability detection component using a public key assigned to a developer of the vulnerability detection component.

3. (Original) The method of claim 1, further comprising:
performing the vulnerability scan of the computing device at a time when the computing device is associated with the quarantine state; and disassociating the computing device with the quarantine state in response to the result of the vulnerability scan indicating that the vulnerability is not present in the computing device.

4. (Original) The method of claim [[0]] 1, further comprising: obtaining a configuration profile for the computing device from the remote management service; and determining that the configuration profile specifies that the vulnerability scan of the computing device is required to be performed. 

5. (Original) The method of claim [[0]] 1, further comprising: 
obtaining a configuration profile for the computing device from the remote management service; and obtaining an installation package for the vulnerability detection component from a location specified by the configuration profile.

6. (Cancelled).

7. (Original) The method of claim [[0]] 1, wherein the vulnerability detection component comprises an application configured to detect an operating system vulnerability.

8. (Currently Amended) A system for analyzing a computing device prior to
enrolling the computing device with a remote management service, comprising:
the computing device;
a storage device storing a plurality of computer instructions executable by the computing device, wherein the plurality of computer instructions cause the computing device to at least:
initiate an enrollment of the computing device with the remote management service;
determine that the remote management service requires a vulnerability scan of the computing device to be performed prior to enrolling the computing device with the remote management service;
install a configuration profile received from the remote management service, wherein the configuration profile specifying a restriction for the computing device and a location of an installation package of a vulnerability detection component;
install the vulnerability detection component in the computing device, the vulnerability detection component being installed by executing obtained for the vulnerability detection component from the location specified by the configuration profile;
request the vulnerability detection component to perform a vulnerability scan of the computing device;
transmit a result of the vulnerability scan to the remote management service; and 
perform one or more remedial actions in response to the result of the vulnerability scan, wherein the remedial actions include: 
associate the computing device with a quarantine state within the remote management service when the result of the vulnerability scan indicates that a vulnerability is present in the computing device, wherein the quarantine state restricts the computing device to access to a subset of the services provided by the remote management service, and
receive a replacement configuration profile with stricter restriction from the remote management service when the result of the vulnerability scan indicates that a vulnerability is present, the replacement configuration profile prevents access to enterprise resources.

9. (Currently Amended) The system of claim 7, wherein the plurality of computer instructions
further cause the computing device to at least authenticate the vulnerability detection component using a public key assigned to a developer of the vulnerability detection component.

10. (Original) The system of claim 7, wherein the plurality of computer instructions further cause the computing device to at least: perform the vulnerability scan of the computing device at a time when the computing device is associated with the quarantine state; and disassociate the computing device with the quarantine state in response to the result of the vulnerability scan indicating that the vulnerability is not present in the computing device.

11. (Original) The system of claim 7, wherein the plurality of computer instructions further cause the computing device to at least: obtain a configuration profile for the computing device from the remote management service; and determine that the configuration profile specifies that the vulnerability scan of the computing device is required to be performed.

12. (Original) The system of claim 7, wherein the plurality of computer instructions further cause the computing device to at least: obtain a configuration profile for the computing device from the remote management service; and obtaining an installation package for the vulnerability detection component from a location specified by the configuration profile.

13. (Original) The system of claim 7, wherein the vulnerability detection component comprises at least one of an antivirus application or an application configured to detect an operating system vulnerability.

14. (Cancelled).

15. (Currently Amended) A non-transitory computer-readable medium for analyzing a computing device prior to enrolling the computing device with a remote management service, the non-transitory computer-readable medium storing a plurality of computer instructions executable by the computing device, wherein the plurality of computer instructions cause the computing device to at least:
initiate an enrollment of the computing device with the remote management
service;
determine that the remote management service requires a vulnerability scan of the computing device to be performed prior to enrolling the computing device with the remote management service;
install a configuration profile received from the remote management service,   wherein the configuration profile specifying a restriction for the computing device and a location of an installation package of a vulnerability detection component;
install the vulnerability detection component in the computing device, the vulnerability detection component being installed by executing obtained for the vulnerability detection component from the location specified by the configuration profile;
request the vulnerability detection component to perform a vulnerability scan of the computing device;
transmit a result of the vulnerability scan to the remote management service; and 
perform one or more remedial actions in response to the result of the vulnerability scan, wherein the remedial actions include: 
associate the computing device with a quarantine state within the remote management service when the result of the vulnerability scan indicates that a vulnerability is present in the computing device, wherein the quarantine state restricts the computing device to access to a subset of the services provided by the remote management service.
receive a replacement configuration profile with stricter restriction from the remote management service when the result of the vulnerability scan indicates that a vulnerability is present, the replacement configuration profile prevents access to enterprise resources.

16. (Original) The non-transitory computer-readable medium of claim 14, wherein the plurality of computer instructions further cause the computing device to at least authenticate the vulnerability detection component using a public key assigned to a developer of the vulnerability detection component.

17. (Original) The non-transitory computer-readable medium of claim 15, wherein the plurality of computer instructions further cause the computing device to at least: perform the vulnerability scan of the computing device at a time when the computing device is associated with the quarantine state; and disassociate the computing device with the quarantine state in response to the result of the vulnerability scan indicating that the vulnerability is not present in the computing device.

18. (Original) The non-transitory computer-readable medium of claim 15, wherein the plurality of computer instructions further cause the computing device to at least: obtain a configuration profile for the computing device from the remote management service; and determine that the configuration profile specifies that the vulnerability scan of the computing device is required to be performed.

19. (Currently Amended) The non-transitory computer-readable medium of claim 15, wherein the plurality of computer instructions further cause the computing device to at least: obtain a configuration profile for the computing device from the remote management service; and obtain an installation package for the vulnerability detection component from a location specified by the configuration profile.

20. (Currently Amended) The non-transitory computer-readable medium of claim 15, wherein the vulnerability detection component comprises at least one of an antivirus application or an application configured to detect an operating system vulnerability.

Allowable Subject Matter
Above Claims 1-5, 7-13 and 15-20 are allowed.
The following is a statement of reasons for indication of allowable subject matter.
Cited and relevant prior art of record:
Colesa et. al. (US 20160164880 A1),
Boren (US 20100100962 A1),
Shi et. al. (US 20180067676 A1), and
Chen et. al. (CN 104821950 A).
Colesa discloses a client system contacting a service-providing server with an enrollment request, accordingly the service-providing server transmits an evaluation agent back to the requesting client system to determine whether the respective client system supports virtualization and is capable of carrying out an integrity attestation exchange with the server. the evaluation agent determines certain details of the hardware of client system and makes the required determinations according to such hardware details. The client system transmits results of the evaluation to server. When the evaluation indicates that the client system either does not support hardware virtualization, or cannot carry out an integrity attestation exchange with server, the client receives and installs installation package from the server, and launches hypervisor, which performs a measurement of secure Virtual Machine (VM), to produce a reference value to be used for subsequent integrity verification of secure VM and to ensure that none of the components of secure VM has been tampered with, finally enrollment data is sent to server, where enrollment data may include measurements/hashes that can be used to verify the integrity of hypervisor. Boren discloses a service request is received by a defended (protected) server, where the server pings the requesting computer with an inspection code. This inspection code can launch a "simulated" "virtual" attack on the requesting computer's defenses. If the defenses are defeated, the inspection code sends a message back to its originating computer, indicating that the requesting computer, is vulnerable to malicious software and should not be allowed to receive the services requested. Boren further discloses that in order to reduce the workload on the server, the inspection code is distributed to the various secondary computers within the network which typically have available communication resources, which allows the individual secondary computers to autonomously execute portions of the task of determining which computers, are involved in an attack, when instructed to do so by the server. Shi discloses when a write request and a write data are received from a host computer, the storage controller generates an inspection code based on a location information included in the write request and the write data, and adds the inspection  
code to the write data and transmits the same to the memory device. Chen discloses establishing an IP address of a host and a data table corresponding to geographic positions, configuring geographic position information of a plurality of scanners, and configuring one of the scanners as a main scanner and others as slave scanners. 

While the above prior arts disclose the aforementioned concepts, however, none of the above prior arts, individually or in combination, discloses the all limitations in the manner recited in the independent claims. Specifically, none of the above prior art discloses installing a configuration profile received from the remote management service, wherein the configuration profile specifying a restriction for the computing device and a location of an installation package of a vulnerability detection component; installing the vulnerability detection component in the computing device, the vulnerability detection component being installed by executing the installation package obtained for the vulnerability detection component from the location specified by the configuration profile; and one remedial action includes receiving a replacement configuration profile with stricter restriction from the remote management service when the result of the vulnerability scan indicates that a vulnerability is present, the replacement configuration profile preventing access to enterprise resources. Therefore, the above limitations in conjunction with the remaining limitations of the independent claims render the above independent claims allowable.

Any comments considered necessary by applicant must be submitted no later than the payment of the issue fee and, to avoid processing delays, should preferably accompany the issue fee. Such submissions should be clearly labeled "Comments on Statement of Reasons for Allowance."

Conclusion
Any inquiry concerning this communication or earlier communications from the examiner should be directed to BASSAM A NOAMAN whose telephone number is (571)272-2705.  The examiner can normally be reached on Monday-Friday 8:30 AM-5:00PM.
Examiner interviews are available via telephone, in-person, and video conferencing using a USPTO supplied web-based collaboration tool. To schedule an interview, applicant is encouraged to use the USPTO Automated Interview Request (AIR) at http://www.uspto.gov/interviewpractice.
If attempts to reach the examiner by telephone are unsuccessful, the examiner’s supervisor, Eleni A. Shiferaw can be reached on (571) 272-3867.  The fax phone number for the organization where this application or proceeding is assigned is 571-273-8300.
Information regarding the status of an application may be obtained from the Patent Application Information Retrieval (PAIR) system.  Status information for published applications may be obtained from either Private PAIR or Public PAIR.  Status information for unpublished applications is available through Private PAIR only.  For more information about the PAIR system, see https://ppair-my.uspto.gov/pair/PrivatePair. Should you have questions on access to the Private PAIR system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a USPTO Customer Service Representative or access to the automated information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000.
/BASSAM A NOAMAN/           Examiner, Art Unit 2497                                                                                                                                                                                             
/ELENI A SHIFERAW/Supervisory Patent Examiner, Art Unit 2497