Vulnerability Assessment Training: Protecting Your Organization

Course 589

  • Duration: 4 days
  • Labs: Yes
  • Language: English
  • 23 CompTIA CEUs
  • 23 NASBA CPE Credits (live, in-class training only)
  • Level: Intermediate
Get This Course $2,990
  • 4-day instructor-led training course
  • One-on-one after course instructor coaching
  • Earn 23 CompTIA CEUs
  • Pay later by invoice -OR- at the time of checkout by credit card
  • Guaranteed to Run - you can rest assured that the class will not be cancelled.
    Oct 11 - 14 9:00 AM - 4:30 PM EDT
  • Dec 20 - 23 9:00 AM - 4:30 PM EST
    Herndon, VA or Virtual
  • Feb 21 - 24 9:00 AM - 4:30 PM EST
    New York or Virtual
  • Apr 3 - 6 9:00 AM - 4:30 PM EDT
    Ottawa or Virtual
  • Jun 26 - 29 9:00 AM - 4:30 PM EDT
    Herndon, VA or Virtual
  • Aug 22 - 25 9:00 AM - 4:30 PM EDT
    New York or Virtual

In this Vulnerability Assessment training course, you learn how to create a network security vulnerability assessment checklist by exposing infrastructure, server, and desktop vulnerabilities, create and interpret reports, configure vulnerability scanners, detect points of exposure, and ultimately prevent network exploitation.

To minimize costly security breaches, organizations need to evaluate the risk in their enterprise from an array of vulnerabilities. Attend this 4-day course and learn to minimize your organization's exposure to security breaches.

  • Basic understanding of network security and security issues at the level of:
  • You should have an understand of:
    • TCP/IP networking
    • Network security goals and concerns
    • The roles of firewalls and intrusion detection systems

Vulnerability Assessment Training: Protecting Your Organization Delivery Methods

  • After-course instructor coaching benefit
  • Learning Tree end-of-course exam included

Vulnerability Assessment Training: Protecting Your Organization Course Benefits

Detect and respond to vulnerabilities, and minimize exposure to security breachesEmploy real-world exploits and evaluate their effect on your systemsConfigure vulnerability scanners to identify weaknessesAnalyze the results of vulnerability scansEstablish an efficient strategy for vulnerability management

Vulnerability Assessment Course Outline


  • Defining vulnerability, exploit, threat and risk
  • Creating a vulnerability report
  • Conducting an initial scan
  • Common Vulnerabilities and Exposure (CVE) list

Scanning and exploits

  • Vulnerability detection methods
  • Types of scanners
  • Port scanning and OS fingerprinting
  • Enumerating targets to test information leakage
  • Types of exploits: worm, spyware, backdoor, rootkits, Denial of Service (DoS)
  • Deploying exploit frameworks

Uncovering infrastructure vulnerabilities

  • Uncovering switch weaknesses
  • Vulnerabilities in infrastructure support servers
  • Network management tool attacks

Attacks against analyzers and IDS

  • Identifying Snort IDS bypass attacks
  • Corrupting memory and causing Denial of Service

Exposing server vulnerabilities

  • Scanning servers: assessing vulnerabilities on your network
  • Uploading rogue scripts and file inclusion
  • Catching input validation errors
  • Performing buffer overflow attacks
  • SQL injection
  • Cross–Site Scripting (XSS) and cookie theft

Revealing desktop vulnerabilities

  • Scanning for desktop vulnerabilities
  • Client buffer overflows
  • Silent downloading: spyware and adware
  • Identifying design errors

Implementing scanner operations and configuration

  • Choosing credentials, ports and dangerous tests
  • Preventing false negatives
  • Creating custom vulnerability tests
  • Customizing Nessus scans
  • Handling false positives

Creating and interpreting reports

  • Filtering and customizing reports
  • Interpreting complex reports
  • Contrasting the results of different scanners

Researching alert information

  • Using the National Vulnerability Database (NVD) to find relevant vulnerability and patch information
  • Evaluating and investigating security alerts and advisories
  • Employing the Common Vulnerability Scoring System (CVSS)

Identifying factors that affect risk

  • Evaluating the impact of a successful attack
  • Determining vulnerability frequency
  • Calculating vulnerability severity
  • Weighing important risk factors
  • Performing a risk assessment

The vulnerability management cycle

  • Standardizing scanning with Open Vulnerability Assessment Language (OVAL)
  • Patch and configuration management
  • Analyzing the vulnerability management process

Vulnerability controversies

  • Rewards for vulnerability discovery
  • Markets for bugs and exploits
  • Challenge programs

Need Help Finding The Right Training Solution?

Our training advisors are here for you.

Course FAQs

The process of defining, identifying, classifying and prioritizing what vulnerabilities are in your system.

The purpose of this assessment is to find out what vulnerabilities may be within your system in time to fix them.

A vulnerability assessment scans for known vulnerabilities, while a penetration test tries to actively exploit and fix the weaknesses.

Yes! We know your busy work schedule may prevent you from getting to one of our classrooms which is why we offer convenient online training to meet your needs wherever you want. This course is available in class and live online.

Chat With Us