From the course: Performing a Technical Security Audit and Assessment (2017)
Join today to access over 22,700 courses taught by industry experts or purchase this course individually.
Conduct the analysis
From the course: Performing a Technical Security Audit and Assessment (2017)
Conduct the analysis
- Security vulnerabilities found while conducting the assessment should be analyzed either during or after the assessment. The purpose of this analysis is to validate, categorize, and find the root causes of the vulnerabilities. Some of the identified vulnerabilities may be false positives, meaning they appear to be security problems at first, but after further examination, they're no longer considered vulnerabilities. This can happen when patches are applied but the new version number hasn't been updated. The vulnerable service or function is disabled or a condition or workaround exists that negates the vulnerability. It's important to eliminate false positive findings to prevent resources from being expended on solving a problem that doesn't exist. Vulnerabilities can be validated by running other scanning tools against the systems with the suspected vulnerabilities and comparing the results with the original findings. If they match, there's a good chance the results are reliable…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.