From the course: CISSP Cert Prep (2021): 6 Security Assessment and Testing
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Identify scan targets
From the course: CISSP Cert Prep (2021): 6 Security Assessment and Testing
Identify scan targets
- [Instructor] As you get a vulnerability management program underway, your first step is to develop requirements for that program. You'll think through whether the program is based upon a general desire to improve security, a response to regulatory requirements, or a reaction to corporate policy. Once you've done that, your next step is to turn those general requirements into a list of the specific systems and networks that you want to scan. In order to create this list, you need to have an asset inventory that you can trust. If your organization practices good asset management already, you may find that you already have this inventory ready to draw into your vulnerability management program. You might find that your organization's configuration management tools already have a complete inventory of systems and devices on your network. And, in the best case, that the inventory is kept up-to-date with information from…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.