Ethical Hacking: Vulnerability Analysis

English | MP4 | AVC 1280×720 | AAC 44KHz 2ch | 3h 14m | 400 MB

Pluralsight is not an official partner or accredited training center of EC-Council. In this course, you’ll learn how important it is to not only scan your networks for any red flags but also how to analyse those results.

Networks aren’t what they used to be. They’re more complex than ever. Systems today are so interconnected, and buried within those systems are thousands of undetected security vulnerabilities waiting to be used against you. Attackers perform vulnerability analysis to identify loopholes in your organization’s infrastructure. Any vulnerabilities they find will be used to breach and dig deeper into your systems. In this course, Ethical Hacking: Vulnerability Analysis, you’ll learn how to further secure your infrastructures by using the same tools and techniques that attackers use to probe your network to find possible attack vectors. First, you’ll be taught about the different types of vulnerabilities, the types of scans and possible regulatory requirements that you might face. Next, you’ll learn about the different VMS (Vulnerability Management Software) programs and how to choose one that is best for your organization. Finally, you’ll learn how to prioritize your vulnerabilities and the remediation steps needed for servers, a workstation, networks, or even virtual machines. When you’ve finished this course, you’ll have under your “Utility-Belt,” the skills and knowledge of an Ethical Hacker when it comes to vulnerability analysis.

Table of Contents

What Do You Need to Start
1 Introduction
2 Benefits of a Vulnerability Management Program
3 Classification of Vulnerabilities
4 Types of Vulnerability Analysis
5 Assessment Lifecycles
6 Assessment Solutions
7 Corporate Policies
8 Regulatory Environments
9 Dale's Top 10 Prechecks
10 Demo – Adding OpenVAS to Your Digital Playground
11 Summary

Shaping and Implementing Our Vulnerability Scans
12 What Gets Covered
13 ID Targets for Your Scan
14 Demo – Scanning A Target
15 Define Scan Frequency
16 The Scopes
17 Configurations
18 Scanner Maintenance
19 Classifying Data
20 Ongoing Scanning and Continuous Monitoring
21 Summary

The Scanners
22 What Gets Covered
23 Understanding Which Scanner to Use
24 Choosing Between Open Source or Commercial
25 Demo – Nessus
26 Choosing Between Premises and Cloud
27 A Quick Understanding of Nexpose
28 Demo – MBSA
29 What The SCAP
30 Exploit Scanners
31 Summary

Analyzing Vulnerability Scans
32 What Gets Covered
33 The Tricks to Interpreting Reports
34 CVSS – The Standard
35 False Positives and Exceptions
36 Looking at Trends
37 Summary

Remediation and Change Control
38 What Gets Covered
39 The Remediation Workflow
40 Communication and Change Control
41 Inhibitors to Remediation
42 Summary

Remediating Host Vulnerabilities
43 What Gets Covered
44 Looking at Servers
45 Looking at Endpoints
46 Looking at ICS And SCADA
47 Summary

Remediating Network Vulnerabilities
48 What Gets Covered
49 Keeping up to Date with Updates
50 Don't Forget SSL and TLS
51 Looking at DNS
52 Internal IP Exposure
53 Check Your VPNs
54 Summary

Remediating Virtual Environment Vulnerabilities
55 What Gets Covered
56 Let's Quickly Review Virtualization
57 Administration Interface Access
58 Virtual Host Patching
59 Virtual Guest Concerns
60 Virtual Network Concerns
61 VM Escape
62 Summary and Course Wrap Up