In this video, Marc Menninger describes how to scan devices for vulnerabilities. Learn about network vulnerability scanners and how to operate them. Discover why reports generated during vulnerability scanning are so useful for penetration testing.
- After network devices have been discovered,…important services have been identified,…the next step is to scan the devices for vulnerabilities.…This is accomplished with applications…designed to find outdated software, missing patches,…and misconfigurations on target systems.…Vulnerability scanners can also be used to…validate system compliance with internal…configuration standards or external security standards,…such as the ISO/IEC 27001.…
Vulnerability scanners are primarily pattern…or signature-based.…That means they check the current state of systems…for known vulnerabilities as published…in reliable sources like the Common Vulnerabilities…and Exposures Database.…One of the advantages of signature-based…vulnerability scanners is that results are consistent…because the patterns the software is checking for…either exist or they don't.…However, because new vulnerabilities…are frequently discovered, the signature database…in the software must be updated frequently.…
If vulnerability-scanning software isn't kept up to date,…
- Cite the three phases of external security assessments.
- Explain the reasons for conducting a log review.
- Explain what network sniffing is and why it’s used.
- Describe when to use a file integrity checking tool.
- Differentiate between active network discovery and passive network discovery.
- Explain how to scan for vulnerabilities.
- Relate the three techniques useful for validating target vulnerabilities.
- Explain the four-stage methodology of conducting penetration tests.
Skill Level Intermediate
1. Overview of Technical Security Assessments
2. Technical Security Assessment Reviews
3. Identify and Analyze Targets
4. Validate Target Vulnerabilities
5. Planning Technical Security Assessments
6. Executing the Technical Security Assessment
7. Post-Testing Activities
Report the results2m 16s
Next steps1m 32s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.