From the course: ISC2 Systems Security Certified Practitioner (SSCP) (2024) Cert Prep
Join today to access over 24,900 courses taught by industry experts.
SCAP
- [Instructor] You've probably already figured out that there's a ton of jargon in the world of vulnerability management and that jargon can be a little bit confusing. We might use the terms web application vulnerability, SQL injection issue, and input validation flaw all to refer to the same issue. We also might talk about a vulnerability as being severe, critical, or urgent. There's a lot of ambiguity in our language and that ambiguity is not only confusing for all of us, it can also prevent us from automating vulnerability activities. It's as if our systems don't speak the same language. That's where the Security Content Automation Protocol, SCAP, comes into play. SCAP is an effort led by the National Institute for Standards and Technology to create a consistent language and format for discussing security issues. Systems that adhere to SCAP standards are able to share information in a way that describes environments…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- (Locked) What is vulnerability management?5m 2s
- (Locked) Identifying scan targets4m 28s
- (Locked) Scan configuration5m 22s
- (Locked) Scan perspective4m 26s
- (Locked) SCAP2m 34s
- (Locked) CVSS3m 31s
- (Locked) Interpreting CVSS scores3m 18s
- (Locked) Analyzing scan reports3m 59s
- (Locked) Correlating scan results2m 33s
- (Locked)
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-