Vulnerability Management with Nessus
1h 42mIntermediate2024-07-11
Authors

Mike Chapple
Teaching Professor at the University of Notre Dame
Course details
It only takes one misconfigured device or missing patch for hackers to infiltrate your network. Fix the flaws in your systems before attackers can find them with Nessus, the network vulnerability scanner popular among cybersecurity analysts, sys admins, and network engineers. Using Nessus, you can scan servers, endpoints, and other network devices and check them against a database of thousands of known vulnerabilities. In this course, instructor Mike Chapple teaches you how to install Nessus, configure scans, and interpret the output. He explains how to create a vulnerability management program as well as a remediation workflow that will help you detect, understand, and resolve vulnerabilities before they are exploited.
Skills covered
NessusTenableSecurity TestingVulnerability ManagementCybersecurityDeep Dive (X:Y)
Concepts
0. Introduction
- 01 - Managing vulnerabilities with Nessus
- 02 - What you need to know
1. Setting Up Nessus
- 03 - Nessus editions
- 04 - Installing Nessus Manager on Linux
- 05 - Installing Nessus Manager on Windows
- 06 - Accessing the Nessus console
2. Creating a Vulnerability Management Program
- 07 - What is vulnerability management
- 08 - Identify scan targets
- 09 - Scan frequency
3. Configuring and Executing Vulnerability Scans
- 10 - Scan configuration
- 11 - Scan perspective
- 12 - Scanner maintenance
4. Remediating Vulnerabilities
- 13 - Report scan results
- 14 - Prioritize remediation
- 15 - Create a remediation workflow
- 16 - Barriers to vulnerability remediation
5. Analyzing Scan Results
- 17 - SCAP
- 18 - CVSS
- 19 - Interpreting CVSS scores
- 20 - Analyzing scan reports
- 21 - Correlating scan results
6. Common Vulnerabilities
- 22 - Server vulnerabilities
- 23 - Endpoint vulnerabilities
- 24 - Network vulnerabilities
- 25 - Preventing SQL injection
- 26 - Understanding cross-site scripting
- 27 - Request forgery
- 28 - Overflow attacks
- 29 - Code execution attacks
- 30 - Privilege escalation
- 31 - OWASP Top Ten
- 32 - Defending against directory traversal
- 33 - Race condition vulnerabilities
Conclusion
- 34 - Next steps
Related courses
- Security Testing: Vulnerability Management with Nessus
- Google Cloud Professional Cloud Architect Cert Prep: 3 Designing for Security and Compliance
- Cybersecurity Risk Management Fundamentals by Pearson
- Vulnerability Management in Cybersecurity: The Basics
- Privacy and Compliance in the Age of GenAI: Data Governance, Classification, and Inventory
- Vulnerability Management: Assessing the Risks with CVSS, CISA KEV, EPSS, and SSVC
- Vulnerability Management: Assessing the Risks with CVSS v3.1
- Controlling Cybersecurity Risk with Defender Vulnerability Management
Related learn paths
- Become an IT Security Specialist
- Prepare for the CompTIA Cybersecurity Analyst + (CySA+) (CS0-002) Certification Exam
- Prepare for the CompTIA Cybersecurity Analyst (CySA+) (CS0-003) Certification
- Prepare for the CompTIA Security+ (SY0-701) Certification
- Navigating the Cybersecurity Threat Landscape
- Leverage AI as a Cybersecurity Analyst
- CyberOps Associate: Prepare for the Cisco Cybersecurity Operations Fundamentals (200-201 CBROPS) Exam
- Introduction to Fundamental Skills for Data Work: Data Management