Overview

Vulnerability assessment is a critical security practice that helps identify and classify the security holes in a computer or network infrastructure. Enabling your network or security team to conduct regular, effective vulnerability assessments will allow your organization to evaluate the effectiveness of their existing controls and safeguards, reducing unnecessary spend and maintaining compliance with audit and regulatory requirements, such as HIPAA and PCI.In this course, students will begin by learning how the VA team functions together to perform a good assessment. Students will learn how to develop a project plan, including scoping the most important requirements of the assessment and choosing the methodologies that will be used to test. When a student completes this online training course they will have the knowledge required to manage and conduct a network vulnerability assessment as part of the larger VA team. This course is valid for continuing education units toward CISSP re-certification.

Course Instructor: Mike Vasquez

Course Outline

  • The Tools & the Team – Functional testing vs. policy/procedure review
  • Elements of a Good Vulnerability Assessment
  • Developing a Project Plan
  • Assessing the Biggest Needs
  • Which Methodology?
  • Vulnerability and Security Attack Types
  • Conducting the Assessment
  • Communication Plan
  • Change Management
  • Using a vulnerability scanner
  • Reviewing the Results
  • False Positives
  • Remediation Plans
  • Reporting: Executive and Technical

Skills Learned

After completing this online training course, students will be able to:

  • Understand how a Vulnerability Assessment team works together to perform good assessment
  • Understand how to develop a project plan
  • Knowledge to conduct a Network Vulnerability Assessment
  • Knowledge in choosing the best methodology that will be used to test