in this video, I'm gonna be showing you how to create a site within expos.
In order to run scans, you must set up at least one side containing at least one asset. A site is a group of assets assembled for a scam by specific, dedicated scan engine.
The grouping principal Maybe something meaningful to you, such as, Ah common geographic location, a range of I P addresses or a specific type of skin.
To begin setting up a site. Click on the new site, but on the whole page,
this will bring you to the general Tap on the site configuration page. Note that only the fields in red are required, so the first thing you want to do is type a name for your site.
This could be anything you like and can be changed at any time.
You can also put a brief description for your site and select a level of importance from the job down list
Importance level. Gars wants to risk back to the next pose uses to calculate a risk index for each site.
So once we've given you, said a name, click on next in the upper right hand corner.
This will bring you to the devices page, where you list all of your target assets. View new site
you can enter. The address is in the text box. Labeled Devices to Scan
Addresses may incorporate any valid next post convention,
including that of notation,
fully qualified domain name, host, name or just arranged by P addresses.
You also have the option to import a text file that list the assets you want to skin.
You could do so by clicking on the browse button and selecting the appropriate text file.
Next was also his ability to blacklist any devices that do not want. Scan within the SEC.
Prevent assets from being scanned into the address is in the box labeled devices to exclude.
Or you can also employed a textile. Justus before
can also exclude assets were being scanned in all of her sides. Throaty deployment on the Global Device Exclusion page, which is found under the administration tab.
So once you've specified all of your target assets, you move on to the Scan settings page by clicking on next
Hey, you will select a scan template and scan engine to perform the skins.
The default is a full auto scan template,
which includes all but policy checks.
As you can see, there are a number of others built in a CZ. Well,
you like to see more details on any of them can Quick, on the browse button right here.
For the purpose of the video, I'm gonna go ahead and stick with full audit.
Next, you would choose the engine that you would like to actually perform the scans. The default is a local scan engine, which is the one built into the next was console.
If you've deployed distributed engines, they will be listed here and you can specify which one to use.
If you'd like to automate the scans, you click on the enable schedule button and specify a time and date.
If you're configuring a recurring scan, you would just need to specify whether you would like next post to restart from the beginning or continue where the last scheduled scan left off.
Once you specified all of your scan settings, you can go back up and click on next.
This will bring you to the alerting tab where you could optionally set up next bows to alert you on certain scan events. If you would like to set up an alert quick on the new alert button
to begin. Click on the enable alert button
to ensure that next boat's generates stay alert.
You can click the box again any time to disable the alert if you prefer not to receive the alert temporarily without having to do with it
next, this type of name for the alert And if you'd like to limit the number of alerts it received, you could do so on the box below.
After that, just choose what you'd like to be alerted for and the notification method
nice. Wilson sent a letter to be a SMTP email s and M p message or SIS lock message.
Your selection here will control which additional fields
appear below this box
with all just fill in the appropriate information.
Lastly, you can choose to limit the alert text.
Limited text alerts only include the name and severity. This is a security option for alert sent over the Internet or his text message to mobile devices.
Quick, the save button and your new alert will appear in the learning Paige
the final step to configure site setting up scan credentials. You do so vice cooking on next.
This step is optional, but establishing log in credentials for you scan engine enables it to form deep checks, inspecting assets for a wider range of vulnerabilities. Such a CZ policy violations, adware, all spyware. Additionally, credential scans can check for software applications and packages such as hot pics
to set up credentials. Click on the new log in button
and select the desired type of credential from the dropdown.
You can see there's a wide range of credential. Options to selection determines other fields that appear in the form.
However, all the forms include fails venturing some kind of user name and password
for this I'm gonna choose myself Windows.
Also, if you are supplying credentials, they do need to be administrated the next bus to probably run the scans.
Once you've entered in the user name and password, you know, wanna entering a device to test of credentials with
Once you've done so quick on the test locking button,
you should receive a log in accepting message. If next was applies, a credential successfully
garden, click okay and remove the device from the restricted device field.
Not doing so well, causing exposed only user credentials on that specific device so bad and click save
the new credentials appear in the credentials page.
No, The next was protects all credentials with Arcee encryption and trouble deaths encryption before storing them in its database.
After you finished configuring site, click the Save Button that if he has an average page of The Wizard,
your new site will now appear in the site listing.
For more information on anything discussed in this video, you can click on the sport link in the upper right hand corner.
NeXpose Vulnerability Management
Data breaches are growing at an alarming rate. Your attack surface is constantly changing, the ...
Certificate of Completion Offered
This course on Certified in Risk and Information Systems Control is for IT and business ...
7 CEU/CPE Hours Available
Certificate of Completion Offered