2.1.2 Doing Vulnerability Management Part 2 - VM

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Time
1 hour 23 minutes
Difficulty
Beginner
CEU/CPE
2
Video Transcription
00:00
Now let's talk about categorizing assets. Let's answer these three questions here.
00:06
What is critical to the business?
00:09
How critical is a vulnerability,
00:11
and lastly, and most important,
00:14
will it be explored?
00:17
An automated vulnerability management system provides the ability to assign priorities of business risk.
00:24
Toe H Network Asset.
00:27
It's much easier to leave the correlation of on abilities, policies and procedures for remediation to computers
00:34
and its form or accurate than using a notebook.
00:39
The Vulnerability Management Asset tracking system incorporates
00:43
these business risk
00:45
when you manage and use the system,
00:50
the results and the results and able an automated system that tracks on network assets by business risk and court lease them against known vulnerabilities.
01:07
So let's talk about scanning vulnerabilities now,
01:10
so we're gonna go ahead and
01:11
discuss
01:12
testing and analyzing devices for vulnerabilities.
01:17
How to profit, arise vulnerabilities
01:19
and streamline decision making for fixes.
01:23
Vulnerability management has many steps, but scanning is the foundational process for finding and fixing network vulnerabilities.
01:33
Choice of scanning technology is the most important element of an effective system. Four of one ability match
01:40
a vulnerability scan tests
01:42
the effectiveness of security policy and controls by examining that network infrastructure for vulnerabilities it's GAM provides to benefits.
01:52
One. The scan systematically test and analyzes his I P devices Service's and applications for known security holes
02:00
and to a post scan report reveals actual vulnerabilities and states what you need to fix an order
02:08
to prioritize.
02:15
So let's talk about launching a scam
02:19
so the vulnerability scan is initiated by a application.
02:24
You could use a schedule scan to run automatically, or you could run one
02:31
on requests.
02:34
The scan request needs to indicate the particular holds You want to check for vulnerabilities.
02:39
Also, you want to specify as many combinations of I P numbers ranges of I, P's and SS groups.
02:49
So here's what you need to gather before you launch
02:53
one. At a minimum,
02:55
Need eyepiece or I P ranges
02:58
for your organization's domain and some networks.
03:00
Two.
03:01
If you want to scan specific devices, you need to identify them by I pee before launching the sky.
03:09
And lastly,
03:10
you need to
03:13
have ready I P's for your organization's business for your organization's business partners whose networks integrate business functions. Share it with applications on your network.
03:24
Some business regulations require scans for business partners to ensure the confidentiality integrity and availability of personally identifiable information,
03:35
whether for customers, employees a partners
03:38
Alert these partners. If your organization needs to. Skander, I appease. Integrate with your network.
03:47
Now let's talk about what do you need for scanning?
03:52
So one you need i p address
03:54
Without I p address
03:57
vulnerability management
03:59
is moot.
04:01
You need I P address to identify dance. It's on the inside of the scanner, basically the assets that's within your environment.
04:11
Two
04:12
vulnerability database,
04:15
a database
04:16
or basically the repositories within affordability. Imagine two holes, all the I P addresses,
04:23
and it actually groups it by assets
04:27
so the assets can be grouped by Windows,
04:30
which is that operating system.
04:32
It became the group by
04:34
Lennox
04:36
and also can be grouped by E. S X
04:42
and the tools as needed.
04:45
Open vase Ness's qualities Rapid seven.
04:49
Retina
04:51
scab analyst can go on.
04:55
These tools are needed to perform
04:58
vulnerability scans.
05:00
These are the actual tools that communicates with the server or that database
05:05
in which once you authenticate,
05:08
which means to get inside of that server,
05:12
it actually goes, and within that server it searches
05:16
for vulnerabilities.
05:17
It gathers the information as far as how many foreign abilities exists
05:21
and it gives it to you in a report,
05:29
it says, Look at the post assessment.
05:30
I don't need to use the two to test for vulnerabilities.
05:33
Is that true or folks?
05:38
The answer here is folks you do need a tool to test.
05:45
So let's look at the summer here.
05:47
In this video, we wrapped up our discussion about the benefit of security policies and vulnerability management and the importance of tracking inventory.
05:57
In the next video,
05:59
we'll talk about
06:00
verifying vulnerabilities against inventory.
Up Next
Fundamentals of Vulnerability Management

Most of the successful attacks through a business network could be prevented with vulnerability management. This course focuses on what you can do to automatically manage vulnerabilities and keep your network safe from attack.

Instructed By