LinkedIn Learning

CompTIA Cybersecurity Analyst+ (CySA+) (CS0-003) Cert Prep: 2 Vulnerability Management

via LinkedIn Learning

Overview

Learn the detailed information you need to prepare for the Vulnerability Management domain of the Cybersecurity Analyst+ (CySA+) exam.

Syllabus

Introduction
  • Vulnerability management
  • What you need to know
  • Study resources
1. Creating a Vulnerability Management Program
  • What is vulnerability management?
  • Identify scan targets
  • Scan frequency
2. Network Mapping
  • Network scanning
  • Install Nmap on Windows
  • Install Nmap on macOS
  • Run and interpret a simple Nmap scan
  • Host discovery with Nmap
  • Operating system fingerprinting
  • Service version detection
3. Configuring and Executing Vulnerability Scans
  • Security baseline scanning
  • Scan configuration
  • Scan perspective
  • Scanner maintenance
  • Vulnerability scanning tools
  • Passive vulnerability scanning
4. Analyzing Scan Results
  • SCAP
  • CVSS
  • Interpret CVSS scores
  • Analyze scan reports
  • Correlate scan results
5. Common Vulnerabilities
  • Server vulnerabilities
  • Endpoint vulnerabilities
  • Network vulnerabilities
6. Software Security Issues
  • OWASP Top 10
  • Prevent SQL injection
  • Understand cross-site scripting
  • Request forgery
  • Privilege escalation
  • Directory traversal
  • File inclusion
  • Overflow attacks
  • Cookies and attachments
  • Session hijacking
  • Race conditions
  • Memory vulnerabilities
  • Code execution attacks
  • Data poisoning
  • Third-party code
  • Interception proxies
7. Specialized Technology Vulnerabilities
  • Industrial control systems
  • Internet of Things
  • Embedded systems
8. More Cybersecurity Tools
  • Exploitation frameworks
  • Cloud auditing tools
  • Debuggers
  • Open-source reconnaissance
  • Control frameworks
9. Software Development Lifecycle
  • Software platforms
  • Development methodologies
  • Maturity models
  • Change management
10. Secure Coding Practices
  • Input validation
  • Parameterized queries
  • Authentication and session management issues
  • Output encoding
  • Error and exception handling
  • Code signing
  • Database security
  • Data de-identification
  • Data obfuscation
11. Software Quality Assurance
  • Software testing
  • Code security tests
  • Fuzzing
  • Reverse engineering software
  • Reverse engineering hardware
12. Threat Modeling
  • Threat research
  • Identify threats
  • Understand attacks
  • Threat modeling
  • Attack surface management
  • Bug bounty
13. Security Governance
  • Align security with the business
  • Organizational processes
  • Security roles and responsibilities
  • Security control selection
14. Risk Management
  • Risk assessment
  • Quantitative risk assessment
  • Risk treatment options
  • Risk management frameworks
  • Risk visibility and reporting
Conclusion
  • Continue your studies

Taught by

Mike Chapple

Reviews

4.8 rating at LinkedIn Learning based on 175 ratings
