Monthly Archives: March 2023
CompTIA CYSA+ CS0-002 – Enumeration Tools Part 1
1. Enumeration Tools (OBJ 1.4) Enumeration tools. In this lesson, we’re going to talk about some of the enumeration tools that we’re going to experience as we’re trying to enumerate our networks. Now, what exactly is enumeration? Well, enumeration is the process to identify and scan network ranges and hosts that belong to the target… Read More »
CompTIA CYSA+ CS0-002 – Vulnerability Scanning Part 3
6. Scheduling and Constraints (OBJ 1.3) Scheduling and constraints. In this lesson, we’re going to talk about scheduling and constraints. So the first question I have for you is, how often should you scan? Well, this is going to be determined based on your internal risk management decisions of your organization. If you have a… Read More »
CompTIA CYSA+ CS0-002 – Vulnerability Scanning Part 2
4. Scanner Types (OBJ 1.3) Scanner types. In this lesson, we’re going to talk about the different ways you can configure your scanner. Now, different scanners have different capabilities. Some are going to be passive, some are going to be active, and some are going to be active with particular configurations that we’re going to… Read More »
CompTIA CYSA+ CS0-002 – Vulnerability Scanning Part 1
1. Identifying Vulnerabilities (OBJ 1.3) Identifying vulnerabilities. In this lesson, we’re going to talk about the importance of identifying vulnerabilities. And the way we do this is through a vulnerability assessment. Now, it is really important to identify vulnerabilities so that you can then mitigate those vulnerabilities. Remember, every vulnerability in your system represents a… Read More »
CompTIA CYSA+ CS0-002 – Mitigating Vulnerabilities Part 2
4. Hardening and Patching (OBJ 1.3) Hardening and patching. In this lesson we’re going to talk about two key terms. And I know I’ve used these words before, but we’ve never really defined them. These are hardening and patching. Now, when I talk about system hardening, this is the process by which a host or… Read More »
CompTIA CYSA+ CS0-002 – Mitigating Vulnerabilities Part 1
1. Mitigating Vulnerabilities (Introduction) In this section of the course, we’re going to cover how to analyze output from vulnerability scanners. We’re going to stay in domain one in this section of the course, but we are going to cover multiple objectives this time, including objectives 1.2, 1.3, and 1.4. Now, objective 1.2 states… Read More »
CompTIA CYSA+ CS0-002 – Detection and Containment Part 2
5. Impact Analysis (OBJ 3.1) Impact analysis. When we talk about impact analysis, this is a really important concept as part of our triage function. Now, when we talk about triage, really what we’re focused on is how do you look at an event and decide how severe it is and how much priority you… Read More »
CompTIA CYSA+ CS0-002 – Detection and Containment Part 1
1. Detection and Containment (Introduction) In this section of the course, we’re going to continue our discussion of incident responses by focusing on two phases: the detection and analysis phase and the containment phase. We’re going to be covering domains three and four in this section of the course, specifically focusing on objectives 4.… Read More »
CompTIA CYSA+ CS0-002 – Analyzing Output from Vulnerability Scanners Part 3
6. OpenVAS and Qualys (OBJ 1.4) OpenVAS and Qualys. In the last lesson we talked about Nessus, which is a commercially available scanner. In this lesson, I want to talk about two more: OpenVAS and Qualys. Now, Nessus began its life as an open source software project, which means it was available for anybody to… Read More »
CompTIA CYSA+ CS0-002 – Analyzing Output from Vulnerability Scanners Part 2
4. Vulnerability Reports (OBJ 1.3) Vulnerability reports. In this lesson we’re going to dig into those vulnerability reports and understand a little bit more about them. Now before we do that, we have to remember that a vulnerability report that is not validated is essentially useless. If I run the scanning tool and I take… Read More »