From the course: ISC2 Systems Security Certified Practitioner (SSCP) (2024) Cert Prep
Join today to access over 24,900 courses taught by industry experts.
Identifying scan targets
From the course: ISC2 Systems Security Certified Practitioner (SSCP) (2024) Cert Prep
Identifying scan targets
- [Instructor] As you get a vulnerability management program underway, your first step is to develop requirements for that program. You'll think through whether the program is based upon a general desire to improve security, a response to regulatory requirements, or a reaction to corporate policy. Once you've done that, your next step is to turn those general requirements into a list of the specific systems and networks that you want to scan. In order to create this list, you need to have an asset inventory that you can trust. If your organization practices good asset management already, you may find that you already have this inventory ready to draw into your vulnerability management program. You might find that your organization's configuration management tools already have a complete inventory of systems and devices on your network. And in the best case that the inventory is kept up to date with information from…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- (Locked) What is vulnerability management?5m 2s
- (Locked) Identifying scan targets4m 28s
- (Locked) Scan configuration5m 22s
- (Locked) Scan perspective4m 26s
- (Locked) SCAP2m 34s
- (Locked) CVSS3m 31s
- (Locked) Interpreting CVSS scores3m 18s
- (Locked) Analyzing scan reports3m 59s
- (Locked) Correlating scan results2m 33s
- (Locked)
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-