New Skills

New Training: Analyze Vulnerability Scan Results

by Team Nuggets
New Training: Understand Orchestration Processes and Concepts picture: A
Follow us
Published on February 25, 2021

In this 5-video skill, CBT Nuggets trainer Shawn Powers teaches you how to analyze the results of a vulnerability scan information on clients, networks, and businesses using various pentesting procedures. Watch this new CompTIA training.

Learn CompTIA with one of these courses:

This training includes:

  • 5 videos

  • 20 minutes of training

You’ll learn these topics in this skill:

  • Intro to Analyzing Scan Results

  • Categorizing Assets

  • Adjudicating Scan Results

  • Prioritizing Vulnerabilities

  • Identifying Common Themes

You Found Multiple Vulnerabilities: Which One Do You Fix First?

The job of an IT security analyst is to find any potential exploits in applications and IT environments. Once these exploits are found, analysts will need to prioritize which ones need to be fixed first. How do you do that?

Prioritizing which exploits need attention first may seem easy on paper but the answer may not always be clear. Though some exploits may be incredibly dangerous, they may also be extremely difficult to use. In this case, these exploits may not take priority.

A good example of this is Heart Bleed. Heart Bleed is a security exploit that could be used to leak sensitive data from servers. Due to its nature, it was difficult to implement. Likewise, using Heart Bleed was not guaranteed to be successful due to how it worked.

While Heart Bleed was making its rounds in the news cycle, another exploit was discovered that could affect TLS connections. This exploit could force a TLS connection between a client and server to downgrade itself to a version of SSL that was vulnerable to attacks.

If you discovered both exploits in your system at the same time, which exploit would take priority? Though Heartbleed was considered the most dangerous at that time, the TLS downgrade attack had a much more critical impact on systems.


Download

By submitting this form you agree to receive marketing emails from CBT Nuggets and that you have read, understood and are able to consent to our privacy policy.


Don't miss out!Get great content
delivered to your inbox.

By submitting this form you agree to receive marketing emails from CBT Nuggets and that you have read, understood and are able to consent to our privacy policy.

Recommended Articles

Get CBT Nuggets IT training news and resources

I have read and understood the privacy policy and am able to consent to it.

© 2024 CBT Nuggets. All rights reserved.Terms | Privacy Policy | Accessibility | Sitemap | 2850 Crescent Avenue, Eugene, OR 97408 | 541-284-5522