Welcome the CyberRays video, Siri's in the Company of Security Plus 5 +01 Certification and Exam.
I'm your instructor, Rahm Warner.
This video is on section 1.5 explained Vulnerability Scanning concepts, which is part of domain one threat attacks and vulnerabilities.
In this video, we'll talk about the following concepts associated with vulnerability scanning.
We'll dress the process for vulnerability. Scanning passively testing security controls
identifying the vulnerability. Identify the security controls that are lacking and then common Miss configurations.
There are also different types of vulnerability scans You need to be familiar with intrusive versus non intrusive credentials versus non credentialed and what is a false positive.
In the previous video on section 1.4 on penetration testing, I explained the difference between penetration, testing, vulnerability, scanning and risk assessments.
Police refer to that video for information on those topics. Toe. Understand the similarities and differences between them.
I'll begin this video by describing in defining vulnerability and vulnerability. Scanning
vulnerability is a weakness or a flaw in the system that can leave it open toe attack. It may also refer to any type of weakness in the computer system itself and a set of procedures and application. Anything that leaves information security exposed to a threat
of vulnerability scan is an inspection of the potential points of exploit on a computer and network toe. Identify security holes.
It detects and classifies system weaknesses and computers,
networks, applications and communications equipment and predicts the effectiveness of countermeasures.
Be familiar with these definitions as we walk through the steps and attributes in this video.
The goal of a vulnerability scan or vulnerability assessment. Mr. Identify System Network or application Weaknesses. Identify unpatched or not updated systems or applications. Common Miss configuration. So systems that are not complying with a standard baseline
or other types of lax of of security controls
on your screen is a process for conducting a vulnerability scan or vulnerability assessment.
Start by passively testing security controls, not exploiting any vulnerability. It's a passive test, which I'll explain in a moment.
Step two. Identify the vulnerability system flawed or unpatched code. This could be done through an automated system or through manual means should also identify lack of security control so Miss configurations are not setting appropriate standards or policies on the computer system.
Lastly, is identifying common miss configurations by reviewing system settings,
policies or rule sets.
There are different types of vulnerability scans and vulnerability assessments.
First is intrusive versus non intrusive.
I also discussed this when talking about penetration. Testing
should also refer to passive versus active reconnaissance from that video.
An intrusive scan directly engaging the target system to identify weaknesses that could be used to launch an attack actually interfacing with the system that you might be attacking.
A non intrusive vulnerability assessment gains vulnerability information about the targeted computers and networks without actively engaging with the systems.
A good example is cuales es SL lapse, finding information about a website and their certificates using an Internet service.
Another type of vulnerability assessment is credentialed versus non credentialed.
Do you have access credentials, a user, a D and password or not?
Whether or not authenticated credentials are used in scanning credentialed has lesser risks. So we'll use credentials, user ID's and passwords to run my vulnerability test, which is kind of like insider knowledge. It's a type of white box tastic, as opposed to non credentialed, more like black box tastic.
Black Box is a little more realistic compared to white box, so non credentialed, more realistic versus credentialed.
A false positive occurs when a scan mistakenly identifies a vulnerability
when it's not really there.
Beware false positives. And this is why you need to scrub your results of your vulnerability scans to look for false positives because they might be indicative of a security problem. 11 does not really exist
I discussed Section one Die five about vulnerability scanning concepts. Let's practice on a simple quiz question.
You've been asked to conduct an internal vulnerability assessment for your organization.
Which of the following steps should you avoid in determining system or network weaknesses to minimize risk?
Exploiting unpatched applications.
Exploiting is a part of penetration testing
and not a part of vulnerability assessments.
This concludes the video for section 1.5, where I explained vulnerability scanning concept.
Refer to your study material for more information on this topic.