1 hour 23 minutes
and last video. We talked about the sources of own abilities and define vulnerability management.
In this video, we're going to wrap up our discussion on why we need vulnerability management
by talking about identifying and fixing the votes.
Now let's look at our objectives.
So where the primary objectives of vulnerability management
and we're gonna learn the difficulties and vulnerability management as well.
So I'm gonna get our pre assessment first
vulnerability management can be tanking. So
or is it folks?
Okay, so answer here is true
vulnerability Management can really be time consuming.
So let's look at the objectives of vulnerability management.
So we're gonna identify
and fixed votes.
So that's basically any sort of confederation or software base issue.
warty automated attacks.
We're gonna address new security threats,
and lastly, we're gonna maintain compliance with lows and regulations.
first, let's identify and fix the votes.
phones and software it can effect
and a security.
So the question is what is actually a photo
in the software.
So the Waltons off Where
can actually be code? That's outdated.
That means it needs to be fixed
by a source of a patch.
Sorry Patch is actually released
oh, every quarter.
So, for example,
Microsoft released patches every month,
and we just call Patch Tuesday.
A patch is a rem Edy remediation or basically a remedy
for the computer.
So for answers, if we can put into the real world,
if you're sick
and you have a tummy ache,
you take. Pick that Pepto Bismol
as your remedy to your
for your tummy ache. Now, in this instance,
if a computer is having issues with this software,
it receives a new patch to remedy the issue with the older version of the software.
let's talk about the war against the automated attacks.
First and foremost, let's identify what is the automated attack.
So the automated attack. It's simply when computers do the heavy lifting and finding vulnerable websites to exploit.
As a postman hacker doing is mainly in their basement.
So let's look at it. We have the ideas, and I ps
are basically saying we have the intrusion detection system
and also the intrusion protection system.
what a difference between the two.
So the ODS and I PS boat increase the security level of networks
not, as basically that's what they do is for us
the same. Now let's look at it for us.
So the main difference between one system and utter
it's the action that they take when an attack is detected in an initial phase.
As for what networks can in the port scan,
So let's talk about the intrusion detection system first,
so it provides that network but a level of preventive security against any suspicious activity.
The idea's a cheese, the this objective through early warnings
aimed at system administrators, however, I like I ps.
It is not designed to block attacks.
So let's look at I p s
to an intrusion prevention system
is a device that controls access to the I T networks in order to protect systems from attack and abuse. It is designed to inspect attack data
and take correspond in action,
blocking it as if,
as it is developing before succeeds,
creating a series of rules and corporate far wall.
So next let's look at the little balance.
Now, as far as a low balances,
it's basically what it sounds like.
Load balancers, eh
system within to enterprise.
Get off sets
the loads are basically the payloads of the data that's going to a particular service.
So what? It actually does this if, for instance, we have 10,000 pieces of data going to
one server, but if we have another survey that's connected to it,
it's going to balance. It was gonna
separated where 5000 is goingto one server,
and five thousand's going to notice there.
That way, it's not gonna be over text, and also it can actually prevent an attack.
As for is a buffer overflow
that we spoke about in a previous chapter.
We're basically in a previous
lesson in which would a buffer overflow does it loads up
a particular server? Whatmore data that I can handle
in which it becomes a vulnerability wanted overflow.
Now let's look at the hosts Anti malware solution.
Not a host anti Marion Merrell solution. We all have it at home, so we have McAfee.
We have Kaspersky.
We have Symantec and a few other.
You are in a virus and also anti male, where solutions as well, tune which
it actually goes out, and it's searches
Mel, where or anything that could basically attack a computer. So we have computer actually run slow.
It's being affected by mill where, and it's also being infected by viruses as well.
Fundamentals of Vulnerability Management
Most of the successful attacks through a business network could be prevented with vulnerability management. This course focuses on what you can do to automatically manage vulnerabilities and keep your network safe from attack.