Maxtrain.com - info@maxtrain.com - 513-322-8888 - 866-595-6863
Certified Vulnerability Assessor On-Demand
Description
The Certified Vulnerability Assessor (CVA) On-Demand training is a comprehensive self-paced program designed for individuals with basic networking understanding. This course is ideal for information system owners, analysts, ethical hackers, ISSOs, cyber security managers, and IT engineers. It focuses on the critical importance of vulnerability assessments, equipping participants with the knowledge and skills required for effective vulnerability assessment practices.
Key course objectives include:
- Vulnerability Assessment Proficiency: Develop specialized knowledge and skills in vulnerability assessment.
- Application of Knowledge: Learn to apply vulnerability assessment concepts in real-world scenarios.
- Enhancing Security: Understand the significance of vulnerability assessment in preventing security breaches.
Outline
Module 1 – Why Vulnerability Assessment?
- Overview of Vulnerability Assessment
- Benefits and Importance of Vulnerability Assessment
- Understanding Vulnerabilities
- Security Vulnerability Life Cycle
- Compliance and Project Scoping
- The Project Overview Statement
- Assessing Current Network Concerns
- Vulnerabilities in Networks
- Network Vulnerability Assessment Methodology
- Risk Management
- Qualitative and Quantitative Analysis
- Countermeasure Criteria
- Policy Review Methodology
- Technical (Bottom-Up) Methodology
Module 2 – Vulnerability Types
- Overview of Vulnerability Types
- Critical Vulnerabilities and Types
- Buffer Overflows
- URL Mappings to Web Applications
- IIS Directory Traversal
- Format String Attacks
- Default Passwords
- Misconfigurations
- Known Backdoors
- Information Leaks
- Memory Disclosure
- Denial of Service
- Best Practices
Module 3 – Assessing the Network
- Network Security Assessment Platform
- Internet Host and Network Enumeration
- Footprinting Tools and Techniques
- Google Hacking and Operators
- Domain Name Registration and WHOIS
- DNS Databases and Querying
- Web Server Crawling and Enumeration
- NMAP Scanning Techniques
- Null Sessions and SMB
- Windows Networking Services Countermeasures
Module 4 – Assessing Web Servers
- Fingerprinting Accessible Web Servers
- Identifying and Assessing Reverse Proxy Mechanisms
- Web Application Profiling
- SQL Injection and Cross-Site Scripting (XSS)
- Authentication Issues and Parameter Modification
- Web Security Checklist
Module 5 – Assessing Remote VPN Services
- Assessing Remote and VPN Services
- Retrieving DNS Service Version Information
- Forward DNS Grinding and Other Techniques
- Common Remote Services and Protocols
Module 6 – Vulnerability Tools of the Trade
- Vulnerability Scanners (Nessus, SAINT, Retina, Qualys Guard, LANguard)
- Dealing with Assessment Results
- Patch Management Options
Module 7 – Output Analysis
- Staying Abreast: Security Alerts and Vulnerability Research
- Tools and Reports Analysis
This comprehensive course outline ensures that participants of the Certified Vulnerability Assessor (CVA) On-Demand training program have access to structured and detailed content, enabling them to learn vulnerability assessment practices at their own pace.
PreRequisites
Basic networking understanding
Audience
- Information System Owners
- Analysts
- Ethical Hackers
- ISSO’s
- Cyber Security Managers
- IT Engineer
$1095.00
|
|