Given a scenario, implement an information security vulnerability management process. CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 Identification of Requirements One of the key parts of managing vulnerabilities is knowing what the enterprise is trying to achieve. The first set of requirements often come from regulatory bodies. Some of these are listed below. […]
Explain the purpose of practices used to secure a corporate environment. CompTIA Cybersecurity Analyst (CySA+) Certification Exam Objectives Version 3.0 Penetration Testing Penetration testing is performed by security analysts to test a network to see where security improvements can be made. The testing could be external or internal and may vary in scope. A definition […]
The Common Vulnerability Scoring System (CVSS) is part of the Security Content Automation Protocol (SCAP). It allows security researchers to quantitatively evaluate the risk posed by a vulnerability. CVSS is comprised of three metric groups. The scoring ranges from 0-10. For the purposes of the current version of the exam (as of 1/1/2019), CVSS v2 […]
The Security Content Automation Protocol (SCAP) is a standard that defines how software flaws and configuration errors are classified. Four components make up SCAP. Common Configuration Enumeration (CCE) The Common Configuration Enumeration (CCE) is a list of best practices maintained by the National Institute of Standards and Technology (NIST). They may be downloaded from the […]
© Ben Story 2024.
© Pack IT Forwarding 2024. Powered by WordPress
