From the course: CompTIA Cybersecurity Analyst (CySA+) (CS0-003) Cert Prep
Join today to access over 24,200 courses taught by industry experts.
Vulnerability scanning tools
From the course: CompTIA Cybersecurity Analyst (CySA+) (CS0-003) Cert Prep
Vulnerability scanning tools
- [Instructor] In this course, I'm using the Nessus vulnerability scanner to show you examples of real world vulnerability scanning. When you take the exam, you should know that this is just one of many vulnerability scanners on the market. Let's take a look at a few of the important ones. Nessus, the product that we've been using, is one of the oldest vulnerability scanners available. It's made by Tenable, and it's very popular among cybersecurity professionals. OpenVAS provides an open source alternative for those who might not have the budget for a commercial scanner. While most commercial vulnerability scanners also include tools for testing web applications, there are also dedicated tools that focus on web application security. Arachni is one open source tool that performs web application security tests, and Nikto is another open source alternative. You won't need to know the specific features of every vulnerability scanning tool. You should be able to recognize the major…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
(Locked)
Identification, authentication, authorization, and accounting3m 34s
-
(Locked)
Usernames and access cards3m 23s
-
(Locked)
Biometrics2m 42s
-
(Locked)
Authentication factors4m 25s
-
(Locked)
Multifactor authentication2m 35s
-
(Locked)
Something you have4m 24s
-
(Locked)
Password authentication protocols3m 10s
-
(Locked)
Single sign-on and federation3m 9s
-
(Locked)
Passwordless authentication1m 48s
-
(Locked)
Privileged access management2m 31s
-
(Locked)
Cloud access security brokers5m 15s
-
(Locked)
-
-
(Locked)
OWASP Top 105m 36s
-
(Locked)
Prevent SQL injection4m 25s
-
(Locked)
Understand cross-site scripting4m 46s
-
(Locked)
Request forgery4m 8s
-
(Locked)
Privilege escalation1m 56s
-
(Locked)
Directory traversal3m 6s
-
(Locked)
File inclusion1m 46s
-
(Locked)
Overflow attacks3m 21s
-
(Locked)
Cookies and attachments4m 6s
-
(Locked)
Session hijacking4m 8s
-
(Locked)
Race conditions2m 13s
-
(Locked)
Memory vulnerabilities3m 34s
-
(Locked)
Code execution attacks2m 43s
-
(Locked)
Data poisoning55s
-
(Locked)
Third-party code3m 38s
-
(Locked)
Interception proxies5m 22s
-
(Locked)
-
-
(Locked)
Input validation2m 41s
-
(Locked)
Parameterized queries3m
-
(Locked)
Authentication and session management issues1m 49s
-
(Locked)
Output encoding3m 13s
-
(Locked)
Error and exception handling3m
-
(Locked)
Code signing2m 8s
-
(Locked)
Database security3m 53s
-
(Locked)
Data de-identification2m 44s
-
(Locked)
Data obfuscation2m 12s
-
(Locked)
-
-
(Locked)
Build an incident response program4m 13s
-
(Locked)
Creating an incident response team2m 15s
-
(Locked)
Incident communications plan2m 44s
-
(Locked)
Incident identification4m 26s
-
(Locked)
Escalation and notification2m 29s
-
(Locked)
Mitigation2m 20s
-
(Locked)
Containment techniques3m
-
(Locked)
Incident eradication and recovery5m 39s
-
(Locked)
Validation2m 24s
-
(Locked)
Post-incident activities4m 17s
-
(Locked)
Incident response exercises1m 37s
-
(Locked)
-
-
(Locked)
Conducting investigations3m 50s
-
(Locked)
Evidence types3m 28s
-
(Locked)
Introduction to forensics3m 21s
-
(Locked)
System and file forensics4m 26s
-
(Locked)
File carving3m 46s
-
(Locked)
Creating forensic images5m 30s
-
(Locked)
Digital forensics toolkit2m 25s
-
(Locked)
Operating system analysis6m 9s
-
(Locked)
Password forensics7m 16s
-
(Locked)
Network forensics4m 1s
-
(Locked)
Software forensics4m 25s
-
(Locked)
Mobile device forensics1m 10s
-
(Locked)
Embedded device forensics2m 30s
-
(Locked)
Chain of custody1m 50s
-
(Locked)
Ediscovery and evidence production3m 3s
-
(Locked)