Vulnerability assessment tools automate the process of vulnerability scanning. In this video, learn about the use of scanning tools, including port scanners and vulnerability scanners, along with banner grabbing as a scanning technique.
- [Instructor] Testing systems for security issues…is one of the most important tasks performed…by security professionals, but it can be a little tedious.…Security analysts must test for vulnerabilities…because if they don't, hackers will.…You're much better off if you discover an issue…and correct it than if an attacker discovers it…and exploits it.…Fortunately, vulnerability assessment tools…automate the process of vulnerability scanning.…There are three major categories of these tools.…Port scanners which simply probe a system…for open network ports, vulnerability scanners which check…those ports for known vulnerabilities,…and application scanners that probe deep…into web applications to detect flaws.…
Port scanners are the equivalent of rattling…all the door knobs on a server, looking for unlocked doors.…They check all of the possible 65,535 network ports…on a server to see which ones might be open.…The most popular port scanning tool…is a program called Nmap.…Let's give it a try.…I'm going to go ahead and run Nmap from the Linux…
Author
Mike Chapple
Released
11/22/2017We are a CompTIA Content Publishing Partner. As such, we are able to offer CompTIA exam vouchers at a 10% discount. For more information on how to obtain this discount, please download these PDF instructions.
- Comparing viruses, worms, and Trojans
- Backdoors and logic bombs
- Understanding the attacker
- Attack types: from denial of service to brute force attacks
- Preventing insider threats
- Wireless attacks
- Understanding cross-site scripting
- Preventing SQL injection
- Social engineering
- Scanning for vulnerabilities
- Penetration testing
- Assessing the impact of vulnerabilities
Skill Level Beginner
Duration
Views
-
Introduction
-
Welcome1m 47s
-
-
1. Malware
-
Looking at advanced malware4m 25s
-
Advanced persistent threats3m 40s
-
2. Understanding Attackers
-
Cybersecurity adversaries4m 11s
-
Threat intelligence2m 37s
-
-
3. Understanding Attack Types
-
Denial of service attacks4m 25s
-
Eavesdropping attacks4m 5s
-
Network attacks6m 19s
-
Network address spoofing3m 25s
-
Password attacks8m 22s
-
Watering hole attacks3m 6s
-
-
4. Wireless Attacks
-
Wireless eavesdropping4m 36s
-
WPA and WPS attacks3m 30s
-
Propagation attacks3m 42s
-
Disassociation attacks2m 41s
-
RFID security2m 56s
-
-
5. Application Attacks
-
Application security4m 16s
-
Preventing SQL injection5m 7s
-
Clickjacking1m 53s
-
Overflow attacks3m 25s
-
Session hijacking3m 50s
-
Malicious add-ons2m 26s
-
Code execution attacks3m 2s
-
Driver manipulation2m 45s
-
Error and exception handling3m 52s
-
-
6. Social Engineering Attacks
-
Social engineering5m 31s
-
Impersonation attacks4m 45s
-
Physical social engineering2m 27s
-
-
7. Vulnerability Scanning and Penetration Testing
-
Security assessment tools5m 50s
-
Scanning for vulnerabilities5m 35s
-
Assessing threats3m 14s
-
Threat assessment techniques2m 41s
-
Penetration testing3m 56s
-
-
8. Impact of Vulnerabilities
-
Vendor vulnerabilities4m 21s
-
Memory vulnerabilities4m 9s
-
-
Conclusion
-
Next steps42s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Scanning for vulnerabilities