CISSP - Vulnerability Assessment and Management
CISSP Domain 6 vulnerability assessment: network, host, application, and database scan types, credentialed vs non-credentialed scanning, CVSS scoring, and false positives vs false negatives. Includes the Equifax 2017 breach case study — 147 million people affected by a 76-day patching gap. Part of the complete CISSP study playlist - watch the next video for penetration testing.
Chapters
- 0:00 Vulnerability Management -- The Continuous Discipline
- 2:40 Scanning Types -- Network, Host, Application, Database
- 4:50 Credentialed vs Non-Credentialed Scans
- 6:50 CVSS Scoring and Vulnerability Prioritization
- 9:08 False Positives, False Negatives, and What to Do
- 11:17 The Vulnerability Management Lifecycle
- 13:32 Equifax 2017 -- Seventy-Six Days That Cost Everything
- 16:06 Quiz Time
Key Topics
- Vulnerability Management -- The Continuous Discipline
- Scanning Types -- Network, Host, Application, Database
- Credentialed vs Non-Credentialed Scans
- CVSS Scoring and Vulnerability Prioritization
- False Positives, False Negatives, and What to Do
- The Vulnerability Management Lifecycle
- Equifax 2017 -- Seventy-Six Days That Cost Everything