New Training: Techniques Used in Security Assessments
In this 8-video skill, CBT Nuggets trainer Keith Barker discusses techniques used in security assessments. Watch this new Cyber Security training.
Learn Cyber Security with one of these courses:
This training includes:
- 8 videos
- 45 minutes of training
You’ll learn these topics in this skill:
- Vulnerability Scan Overview
- Network Scan Demonstration
- Positive and Negative Scan Results
- CVE and CVSS
- Security information and event management (SIEM)
- Threat hunting
- Security orchestration, automation, and response (SOAR)
- Security Assessment Review Quiz
How Does Vulnerability Scanning Work?
Vulnerabilities are weaknesses in information systems, procedures or internal controls that a hacker could use to compromise a system. Hardware and software are full of bugs, and humans are prone to error, which means any system likely has vulnerabilities. Vulnerability scanning is the process of checking networks, applications and systems for known vulnerabilities, so that those weaknesses can be fixed.
Organizations may choose from a variety of scanning methods. Non-credentialed scans look for vulnerabilities that can be exploited without privileged access; credentialed scans find vulnerabilities that require privileged access to exploit. External scans look at Internet-facing systems, applications and networks, while internal scans target internal networks and systems. Scans may be performed by internal IT teams or by third-party services.
Organizations need to assess the risks and focus first on scanning critical systems to protect against the most likely and dangerous attacks.