From the course: Performing a Technical Security Audit and Assessment
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Scan for vulnerabilities
From the course: Performing a Technical Security Audit and Assessment
Scan for vulnerabilities
- After network devices have been discovered, important services have been identified, the next step is to scan the devices for vulnerabilities. This is accomplished with applications designed to find outdated software, missing patches, and misconfigurations on target systems. Vulnerability scanners can also be used to validate system compliance with internal configuration standards or external security standards, such as the ISO/IEC 27001. Vulnerability scanners are primarily pattern or signature-based. That means they check the current state of systems for known vulnerabilities as published in reliable sources like the Common Vulnerabilities and Exposures Database. One of the advantages of signature-based vulnerability scanners is that results are consistent because the patterns the software is checking for either exist or they don't. However, because new vulnerabilities are frequently discovered, the signature database in the software must be updated frequently. If…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
-
-
Required skillsets2m 49s
-
(Locked)
Conduct network discovery4m 31s
-
(Locked)
Network discovery tool demo3m 3s
-
(Locked)
Challenge: Install and run Nmap1m
-
(Locked)
Solution: Install and run Nmap2m 47s
-
(Locked)
Identify network ports and services3m 6s
-
(Locked)
Network ports and services discovery tool demo5m 11s
-
(Locked)
Scan for vulnerabilities5m 20s
-
(Locked)
Vulnerability scanning tool demo4m 21s
-
(Locked)
Scan wireless networks5m 32s
-
-
-
-
-
-