Time
1 hour 23 minutes
Difficulty
Beginner
CEU/CPE
2

Video Transcription

00:01
and last video. We talked about the sources of own abilities and define vulnerability management.
00:07
In this video, we're going to wrap up our discussion on why we need vulnerability management
00:12
by talking about identifying and fixing the votes.
00:18
Now let's look at our objectives.
00:21
So where the primary objectives of vulnerability management
00:24
and we're gonna learn the difficulties and vulnerability management as well.
00:32
So I'm gonna get our pre assessment first
00:35
vulnerability management can be tanking. So
00:39
is it
00:40
a true
00:42
or is it folks?
00:47
Okay, so answer here is true
00:50
vulnerability Management can really be time consuming.
00:57
So let's look at the objectives of vulnerability management.
01:00
So we're gonna identify
01:02
and fixed votes.
01:03
So that's basically any sort of confederation or software base issue.
01:11
We're gonna
01:11
warty automated attacks.
01:15
We're gonna address new security threats,
01:19
and lastly, we're gonna maintain compliance with lows and regulations.
01:26
So
01:27
first, let's identify and fix the votes.
01:32
So
01:34
phones and software it can effect
01:38
performance
01:40
availability
01:42
and a security.
01:44
So the question is what is actually a photo
01:48
in the software.
01:49
So the Waltons off Where
01:52
can actually be code? That's outdated.
01:56
That means it needs to be fixed
01:59
by a source of a patch.
02:01
Sorry Patch is actually released
02:05
either. Motley
02:07
oh, every quarter.
02:09
So, for example,
02:12
Microsoft released patches every month,
02:15
and we just call Patch Tuesday.
02:17
A patch is a rem Edy remediation or basically a remedy
02:23
for the computer.
02:23
So for answers, if we can put into the real world,
02:28
if you're sick
02:30
and you have a tummy ache,
02:30
you take. Pick that Pepto Bismol
02:34
as your remedy to your
02:35
for your tummy ache. Now, in this instance,
02:38
if a computer is having issues with this software,
02:42
it receives a new patch to remedy the issue with the older version of the software.
02:51
No,
02:52
let's talk about the war against the automated attacks.
02:57
First and foremost, let's identify what is the automated attack.
03:00
So the automated attack. It's simply when computers do the heavy lifting and finding vulnerable websites to exploit.
03:08
As a postman hacker doing is mainly in their basement.
03:14
So let's look at it. We have the ideas, and I ps
03:20
are basically saying we have the intrusion detection system
03:23
and also the intrusion protection system.
03:29
So
03:30
what a difference between the two.
03:34
So the ODS and I PS boat increase the security level of networks
03:40
not, as basically that's what they do is for us
03:44
the same. Now let's look at it for us.
03:46
Hotter, different.
03:50
So the main difference between one system and utter
03:53
it's the action that they take when an attack is detected in an initial phase.
03:59
As for what networks can in the port scan,
04:02
So let's talk about the intrusion detection system first,
04:05
so it provides that network but a level of preventive security against any suspicious activity.
04:13
The idea's a cheese, the this objective through early warnings
04:16
aimed at system administrators, however, I like I ps.
04:21
It is not designed to block attacks.
04:25
So let's look at I p s
04:28
to an intrusion prevention system
04:30
is a device that controls access to the I T networks in order to protect systems from attack and abuse. It is designed to inspect attack data
04:41
and take correspond in action,
04:44
blocking it as if,
04:46
as it is developing before succeeds,
04:51
creating a series of rules and corporate far wall.
04:57
So next let's look at the little balance.
05:00
Now, as far as a low balances,
05:02
it's basically what it sounds like.
05:04
Load balancers, eh
05:06
system within to enterprise.
05:11
Get off sets
05:13
the loads are basically the payloads of the data that's going to a particular service.
05:18
So what? It actually does this if, for instance, we have 10,000 pieces of data going to
05:26
one server, but if we have another survey that's connected to it,
05:30
it's going to balance. It was gonna
05:31
separated where 5000 is goingto one server,
05:35
and five thousand's going to notice there.
05:38
That way, it's not gonna be over text, and also it can actually prevent an attack.
05:44
As for is a buffer overflow
05:46
that we spoke about in a previous chapter.
05:48
We're basically in a previous
05:51
lesson in which would a buffer overflow does it loads up
05:58
a particular server? Whatmore data that I can handle
06:02
in which it becomes a vulnerability wanted overflow.
06:08
Now let's look at the hosts Anti malware solution.
06:13
Not a host anti Marion Merrell solution. We all have it at home, so we have McAfee.
06:18
We have Kaspersky.
06:20
We have Symantec and a few other.
06:25
You are in a virus and also anti male, where solutions as well, tune which
06:30
it actually goes out, and it's searches
06:34
for viruses,
06:35
Mel, where or anything that could basically attack a computer. So we have computer actually run slow.
06:43
It's being affected by mill where, and it's also being infected by viruses as well.

Up Next

Fundamentals of Vulnerability Management

Most of the successful attacks through a business network could be prevented with vulnerability management. This course focuses on what you can do to automatically manage vulnerabilities and keep your network safe from attack.

Instructed By

Instructor Profile Image
Corey Charles
Founder of DreamVision IT LLC
Instructor