From the course: CompTIA Security+ (SY0-601) Cert Prep: 1 Threats, Attacks, and Vulnerabilities
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
SCAP (Security Content Automation Protocol)
From the course: CompTIA Security+ (SY0-601) Cert Prep: 1 Threats, Attacks, and Vulnerabilities
SCAP (Security Content Automation Protocol)
- [Narrator] You may have already figured out that there's a ton of jargon in the world of vulnerability management, and it can be a little bit confusing. We might use the terms web application vulnerability, SQL injection issue, and input validation flaw to all refer to the same thing. We also might talk about a vulnerability as being severe, critical, or urgent. There's a lot of ambiguity in our language, and that ambiguity is not only confusing for all of us, it can also prevent us from automating vulnerability management activities. It's as if our systems don't speak the same language. That's where the Security Content Automation Protocol, or SCAP, comes into play. SCAP is an effort led by the National Institute for Standards and Technology to create a consistent language and format for discussing security issues. Systems that adhere to SCAP standards are able to share information in a way that describes…
Contents
-
-
-
-
-
-
-
-
-
(Locked)
What is vulnerability management?5m 2s
-
(Locked)
Identify scan targets4m 24s
-
(Locked)
Scan configuration5m 20s
-
(Locked)
Scan perspective4m 24s
-
(Locked)
SCAP (Security Content Automation Protocol)2m 27s
-
(Locked)
CVSS (Common Vulnerability Scoring System)3m 31s
-
(Locked)
Analyzing scan reports4m 30s
-
(Locked)
Correlating scan results2m 20s
-
(Locked)
-
-