New Training: Vulnerability Management Activities
| new skills - Team Nuggets

New Training: Vulnerability Management Activities

In this 6-video skill, CBT Nuggets trainer John Munjoma teaches you how to identify vulnerabilities by using Nmap, how to mitigate and score vulnerabilities, and how to prepare for a vulnerability scanning evaluation. You’ll also gain an understanding of the Cyber Kill Chain model. Watch this new CompTIA training.

Watch the full course: CompTIA Cybersecurity Analyst

This training includes:

  • 6 videos
  • 40 minutes of training

You’ll learn these topics in this skill:

  • Vulnerability Identification And Validation
  • Mitigation Activities
  • Common Vulnerability Scoring System
  • Cyber Kill Chain Model
  • Vulnerability Scanning Evaluation
  • Inhibitors Of Remediation

Cyber Kill Chain Model: How to Mitigate the Recon Phase

The Cyber Kill Chain is a six-step, high-level blueprint for how a typical cyber-attack occurs. The earlier security analysts can detect an attack occurring on the kill chain, the easier it can be to prevent that attack. The first step in the Cyber Kill Chain is the reconnaissance phase, and that step can also be the most difficult to mitigate.

The reconnaissance phase in the kill chain is what attackers use to harvest data about the IT environment for a business. This might include acquiring login credentials or information about what software a business is using. Attackers typically use some form of social engineering for this step.

That's why the reconnaissance phase can be so difficult to mitigate. Though security exploits in software can be patched, the human condition is difficult to control. That's because asking employees to be aware of social engineering attacks is in direct opposition to their job functions.

For example, customer service representatives are there to assist customers with issues. It's their job to help customers in any way they can. That may mean they may try and work around business policies to work with customers.

It doesn't help matters when businesses often enforce KPIs that customer service representatives may not be able to meet by not being able to assist someone. So, when a social engineering attack occurs, it's very likely a customer service rep may fold under pressure when an attacker claiming to be a customer can't fully verify their account.



Ultimate Security Cert Guide

A 62-page guide to every Palo Alto, Offensive Security, (ISC)2, Check Point, CompTIA, and Cisco certification, and how they fit into your career.

By submitting this form you agree that you have read, understood, and are able to consent to our privacy policy.


Learn anytime anywhere with our mobile apps.

I have read and understood the privacy policy and am able to consent to it.

© 2021 CBT Nuggets. All rights reserved. Terms | Privacy Policy | Accessibility | Sitemap | 1550 Valley River Drive, Eugene, OR 97401 | 541-284-5522
CBT Nuggets