YoVDO

CompTIA CySA+ (CS0-002) Cert Prep: 2 Vulnerability Management

Offered By: LinkedIn Learning

Tags

CompTIA CySA+ (Plus) Courses Cybersecurity Courses Information Security Certifications Courses Vulnerability Management Courses

Course Description

Overview

Review key vulnerability management tools and processes as you study for the CompTIA Cybersecurity Analyst (CySA+) exam. This course will prepare you for exam CS0-002.

Syllabus

Introduction
  • Vulnerability management
  • What you need to know
  • Study resources
1. Creating a Vulnerability Management Program
  • What is vulnerability management?
  • Identify scan targets
  • Scan frequency
2. Configuring and Executing Vulnerability Scans
  • Scan configuration
  • Scan perspective
  • Scanner maintenance
  • Vulnerability scanning tools
  • Passive vulnerability scanning
3. Remediating Vulnerabilities
  • Report scan results
  • Prioritize remediation
  • Create a remediation workflow
  • Barriers to vulnerability remediation
4. Analyzing Scan Results
  • SCAP (Security Content Automation Protocol)
  • CVSS (Common Vulnerability Scoring System)
  • Interpreting CVSS scores
  • Analyzing scan reports
  • Correlating scan results
5. Common Vulnerabilities
  • Server vulnerabilities
  • Endpoint vulnerabilities
  • Network vulnerabilities
  • Virutalization vulnerabilities
6. Software Security Issues
  • OWASP (Open Web Application Security Project)
  • Preventing SQL injection
  • Understanding cross-site scripting
  • Privilege escalation
  • Directory traversal
  • Race conditions
  • Dereferencing NULL pointers
  • Third-party code
  • Interception proxies
7. Specialized Technology Vulnerabilities
  • Industrial control systems
  • Internet of Things
  • Embedded systems
8. Access Control Vulnerabilities
  • Password attacks
  • Password spraying and credential stuffing
  • Impersonation attacks
  • Session hijacking
  • Eavesdropping attacks
Conclusion
  • Next steps

Taught by

Mike Chapple

Related Courses

CompTIA Security+ Course Certification
Cybrary
CompTIA Security+ Certification Training - SY0-601
Edureka
Become a CompTIA Advanced Security Practitioner (CASP+)
LinkedIn Learning
Become a CompTIA Certified Penetration Tester (PenTest+)
LinkedIn Learning
Become a CompTIA Cybersecurity Analyst (CySA+ CS0-002)
LinkedIn Learning