From the course: ISC2 Systems Security Certified Practitioner (SSCP) (2024) Cert Prep
Join today to access over 24,900 courses taught by industry experts.
CVSS
- [Instructor] Let's dig into the Common Vulnerability Scoring System, or CVSS, because you'll see that used on scan reports. CVSS assigns a score to each vulnerability on a 10-point scale. We can figure out a base CVSS score by evaluating eight different metrics and then combining the results. The first metric is the Attack Vector metric. This describes the type of access that an attacker must have to exploit a vulnerability. The value for this metric can be physical, meaning that the attacker must be able to physically touch or manipulate the target system. It can be local, meaning that the attacker must have physical or logical access to the system's console, or it can be adjacent network, meaning that the attacker must have access to the system's local network, or it can just be network, meaning that the vulnerability is remotely exploitable. The second metric is the Attack Complexity metric. This metric measures…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- (Locked) What is vulnerability management?5m 2s
- (Locked) Identifying scan targets4m 28s
- (Locked) Scan configuration5m 22s
- (Locked) Scan perspective4m 26s
- (Locked) SCAP2m 34s
- (Locked) CVSS3m 31s
- (Locked) Interpreting CVSS scores3m 18s
- (Locked) Analyzing scan reports3m 59s
- (Locked) Correlating scan results2m 33s
- (Locked)
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-