New Training: Vulnerability Management Activities
In this 6-video skill, CBT Nuggets trainer John Munjoma teaches you how to identify vulnerabilities by using Nmap, how to mitigate and score vulnerabilities, and how to prepare for a vulnerability scanning evaluation. You’ll also gain an understanding of the Cyber Kill Chain model. Watch this new CompTIA training.
Watch the full course: CompTIA Cybersecurity Analyst
This training includes:
- 6 videos
- 40 minutes of training
You’ll learn these topics in this skill:
- Vulnerability Identification And Validation
- Mitigation Activities
- Common Vulnerability Scoring System
- Cyber Kill Chain Model
- Vulnerability Scanning Evaluation
- Inhibitors Of Remediation
Cyber Kill Chain Model: How to Mitigate the Recon Phase
The Cyber Kill Chain is a six-step, high-level blueprint for how a typical cyber-attack occurs. The earlier security analysts can detect an attack occurring on the kill chain, the easier it can be to prevent that attack. The first step in the Cyber Kill Chain is the reconnaissance phase, and that step can also be the most difficult to mitigate.
The reconnaissance phase in the kill chain is what attackers use to harvest data about the IT environment for a business. This might include acquiring login credentials or information about what software a business is using. Attackers typically use some form of social engineering for this step.
That's why the reconnaissance phase can be so difficult to mitigate. Though security exploits in software can be patched, the human condition is difficult to control. That's because asking employees to be aware of social engineering attacks is in direct opposition to their job functions.
For example, customer service representatives are there to assist customers with issues. It's their job to help customers in any way they can. That may mean they may try and work around business policies to work with customers.
It doesn't help matters when businesses often enforce KPIs that customer service representatives may not be able to meet by not being able to assist someone. So, when a social engineering attack occurs, it's very likely a customer service rep may fold under pressure when an attacker claiming to be a customer can't fully verify their account.