New Training: Analyze Vulnerability Scan Results
| new skills - Team Nuggets

New Training: Analyze Vulnerability Scan Results

In this 5-video skill, CBT Nuggets trainer Shawn Powers teaches you how to analyze the results of a vulnerability scan information on clients, networks, and businesses using various pentesting procedures. Watch this new CompTIA training.

Learn CompTIA with one of these courses:

This training includes:

  • 5 videos
  • 20 minutes of training

You’ll learn these topics in this skill:

  • Intro to Analyzing Scan Results
  • Categorizing Assets
  • Adjudicating Scan Results
  • Prioritizing Vulnerabilities
  • Identifying Common Themes

You Found Multiple Vulnerabilities: Which One Do You Fix First?

The job of an IT security analyst is to find any potential exploits in applications and IT environments. Once these exploits are found, analysts will need to prioritize which ones need to be fixed first. How do you do that?

Prioritizing which exploits need attention first may seem easy on paper but the answer may not always be clear. Though some exploits may be incredibly dangerous, they may also be extremely difficult to use. In this case, these exploits may not take priority.

A good example of this is Heart Bleed. Heart Bleed is a security exploit that could be used to leak sensitive data from servers. Due to its nature, it was difficult to implement. Likewise, using Heart Bleed was not guaranteed to be successful due to how it worked.

While Heart Bleed was making its rounds in the news cycle, another exploit was discovered that could affect TLS connections. This exploit could force a TLS connection between a client and server to downgrade itself to a version of SSL that was vulnerable to attacks.

If you discovered both exploits in your system at the same time, which exploit would take priority? Though Heartbleed was considered the most dangerous at that time, the TLS downgrade attack had a much more critical impact on systems.

Download

Download

Ultimate Security Cert Guide

A 62-page guide to every Palo Alto, Offensive Security, (ISC)2, Check Point, CompTIA, and Cisco certification, and how they fit into your career.

I have read and understood the privacy policy, and am able to consent to it.

LEARNING ON MOBILE

Learn anytime anywhere with our mobile apps.

I have read and understood the privacy policy and am able to consent to it.

© 2021 CBT Nuggets. All rights reserved. Terms | Privacy Policy | Accessibility | Sitemap | 1550 Valley River Drive, Eugene, OR 97401 | 541-284-5522
CBT Nuggets