CompTIA CySA+ (CS0-002) Cert Prep: 2 Vulnerability Management

Offered By: LinkedIn Learning

Tags

CompTIA CySA+ (Plus) Courses, Cybersecurity Courses, Network Security Courses, Information Security Certifications Courses, Software Security Courses, Vulnerability Management Courses

Course Description

Overview

Review key vulnerability management tools and processes as you study for the CompTIA Cybersecurity Analyst (CySA+) exam. This course will prepare you for exam CS0-002.

Syllabus

Introduction
  • Vulnerability management
  • What you need to know
  • Study resources
1. Creating a Vulnerability Management Program
  • What is vulnerability management?
  • Identify scan targets
  • Scan frequency
2. Configuring and Executing Vulnerability Scans
  • Scan configuration
  • Scan perspective
  • Scanner maintenance
  • Vulnerability scanning tools
  • Passive vulnerability scanning
3. Remediating Vulnerabilities
  • Report scan results
  • Prioritize remediation
  • Create a remediation workflow
  • Barriers to vulnerability remediation
4. Analyzing Scan Results
  • SCAP (Security Content Automation Protocol)
  • CVSS (Common Vulnerability Scoring System)
  • Interpreting CVSS scores
  • Analyzing scan reports
  • Correlating scan results
5. Common Vulnerabilities
  • Server vulnerabilities
  • Endpoint vulnerabilities
  • Network vulnerabilities
  • Virtualization vulnerabilities
6. Software Security Issues
  • OWASP (Open Web Application Security Project)
  • Preventing SQL injection
  • Understanding cross-site scripting
  • Privilege escalation
  • Directory traversal
  • Race conditions
  • Dereferencing NULL pointers
  • Third-party code
  • Interception proxies
7. Specialized Technology Vulnerabilities
  • Industrial control systems
  • Internet of Things
  • Embedded systems
8. Access Control Vulnerabilities
  • Password attacks
  • Password spraying and credential stuffing
  • Impersonation attacks
  • Session hijacking
  • Eavesdropping attacks
Conclusion
  • Next steps

Taught by

Mike Chapple

Related Courses

Pattern-Oriented Software Architectures: Programming Mobile Services for Android Handheld Systems
Vanderbilt University via Coursera
Engineering Maintainable Android Apps
Vanderbilt University via Coursera
Software Design as an Element of the Software Development Lifecycle
University of Colorado System via Coursera
Secure Software Development
Pluralsight
Secure Software Concepts for CSSLP®
Pluralsight