From the course: CISSP Cert Prep (2021): 6 Security Assessment and Testing
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Analyzing scan reports
From the course: CISSP Cert Prep (2021): 6 Security Assessment and Testing
Analyzing scan reports
- [Instructor] As a cybersecurity analyst you'll likely spend a good amount of your time analyzing reports from vulnerability scans. One of your primary responsibilities may be sorting through the results of these scans and presenting information from them to a wide variety of audiences. You'll need to provide engineers, developers and system administrators with the technical detail that they need to correct issues. You'll also need to explain trends and high-level risk ratings to business leaders and you'll need to present security management with a picture of how well the organization is doing at managing risk. As you interpret the results of any scan report, you should first focus on five factors. These include: the severity of the vulnerability. The criticality of the systems affected. The sensitivity of information involved. The difficulty of remediation. And the exposure of the system with the…