From the course: Certified Information Security Manager (CISM) Cert Prep (2022): 2 Information Security Risk Management
Scan perspective
- [Instructor] All vulnerability scans are not alike. While you may set scans to test the same systems using the same tool on the same ports and services, there are other factors that may affect what you see in your scan results. Let's talk about scan perspective. The most important component of scan perspective is the scanner's location on the network, relative to the systems being scanned. For example, consider this typical network diagram showing a firewall that connects an organization to the internet, and also segments a DMZ that contains a web server accessible to the outside world. If, as in this diagram, the vulnerability scanner is also in the DMZ, the scanner has unrestricted access to the web server because it doesn't need to pass through the firewall to get there. However, if the vulnerability scanner is instead located on the internal network, we have a totally different picture. Now the vulnerability scanner's…