CySA+ Cert Prep: 2 Vulnerability Management

CySA+ Cert Prep: 2 Vulnerability Management

English | MP4 | AVC 1280×720 | AAC 48KHz 2ch | 1h 37m | 200 MB

Are you currently pursuing the CompTIA Cybersecurity Analyst (CySA+) certification? If so, this course—the second installment in the CySA+ Cert Prep series—can help you approach the exam with confidence by covering key concepts that can prepare you for the Vulnerability Management domain of the CySA+ exam. Instructor Mike Chapple includes coverage of how to create a vulnerability management program, configure and execute vulnerability scans, and remediate vulnerabilities. He also goes over common server, endpoint, and network vulnerabilities and explains how to analyze scan results.

We are now a CompTIA Content Publishing Partner. As such, we are able to offer CompTIA exam vouchers at a 10% discount. For more information on how to obtain this discount, please download these PDF instructions.

Topics include:

  • Creating a vulnerability management program
  • Identifying scan targets
  • Configuring and executing vulnerability scans
  • Reporting scan results
  • Creating a remediation workflow
  • Analyzing scan reports
  • Server, endpoint, and network vulnerabilities
  • Preventing SQL injection
  • Working with Nessus, Qualys, Rapid7 Nexpose, and OpenVAS
Table of Contents

Introduction
1 Welcome
2 What you need to know

Creating a Vulnerability Management Program
3 What is vulnerability management
4 Identify scan targets
5 Scan frequency

Configuring and Executing Vulnerability Scans
6 Scan configuration
7 Scan perspective
8 Scanner maintenance
9 Vulnerability scanning tools
10 Report scan results

Remediating Vulnerabilities
11 Prioritize remediation
12 Create a remediation workflow
13 Barriers to vulnerability remediation
14 SCAP

Analyzing Scan Results
15 CVSS
16 Interpreting CVSS scores
17 Analyzing scan reports
18 Correlating scan results
19 Server vulnerabilities

Common Vulnerabilities
20 Endpoint vulnerabilities
21 Network vulnerabilities
22 Virutalization vulnerabilities
23 Industrial control systems
24 Understanding cross-site scripting
25 Preventing SQL injection

Conclusion
26 Next steps