1
00:00:15,010 --> 00:00:20,210
Let us start with the news section vulnerability assessment in this lecture.

2
00:00:20,620 --> 00:00:23,900
They're going to learn an introduction to vulnerability assessment.

3
00:00:24,790 --> 00:00:26,530
So what is vulnerability assessment?

4
00:00:27,280 --> 00:00:33,040
Vulnerability assessment refers to the process of identifying risks and vulnerabilities in a computer

5
00:00:33,040 --> 00:00:37,840
network system, hardware applications and other parts of IT ecosystem.

6
00:00:38,590 --> 00:00:44,290
When their ability assessments provide security teams and other stakeholders with the information they

7
00:00:44,290 --> 00:00:52,030
need to analyze and prioritize risks for potential remediation in the proper context, vulnerability

8
00:00:52,030 --> 00:00:57,310
assessments are a critical component of the vulnerability management and I.T. risk management lifecycle,

9
00:00:57,760 --> 00:01:03,220
thus helping protect systems and data from unauthorized access and data breaches.

10
00:01:04,060 --> 00:01:10,840
When the assessment typically leverages tools like vulnerability scanners to identify threats and flaws

11
00:01:11,080 --> 00:01:17,950
within an organization's I.T. infrastructure that represents potential vulnerabilities or risk exposures

12
00:01:18,430 --> 00:01:20,800
through Iowa, Narrabundah assessments are important.

13
00:01:21,610 --> 00:01:27,880
Vulnerability assessments allow security teams to apply consistent, comprehensive and clear approach

14
00:01:28,000 --> 00:01:31,570
in identifying and resolving security threats and risks.

15
00:01:32,390 --> 00:01:39,730
There are several benefits to an organization like early and consistent identification of threats and

16
00:01:39,730 --> 00:01:46,030
weaknesses in I.T. security remediation actions to close any gaps and protect sensitive systems and

17
00:01:46,030 --> 00:01:46,720
information.

18
00:01:47,560 --> 00:01:54,220
Meet cybersecurity, compliance and regulatory needs for areas like HIPAA and PCI.

19
00:01:54,220 --> 00:02:00,610
DHS, protect against data breaches and other unauthorized access is vulnerability.

20
00:02:00,610 --> 00:02:06,880
Assessment is important because an administrator needs vulnerability research like to gather information

21
00:02:06,880 --> 00:02:13,450
about security threats, threats and attacks, and thus when the assessment is very important for any

22
00:02:13,450 --> 00:02:17,380
pain test, what other types of vulnerability assessment?

23
00:02:17,950 --> 00:02:21,550
First is the active assessment inactive assessment.

24
00:02:21,670 --> 00:02:26,350
It uses a network scanner to find hosts, services and vulnerabilities.

25
00:02:26,830 --> 00:02:28,690
Next is the passive assessment.

26
00:02:29,140 --> 00:02:35,110
It is a technique used to sniff the network traffic to find out active systems, network services,

27
00:02:35,110 --> 00:02:38,050
applications and vulnerabilities present in the system.

28
00:02:38,860 --> 00:02:40,090
External assessment.

29
00:02:40,780 --> 00:02:46,750
It assesses the network from a hackers point to find what types of exploit and vulnerabilities are present

30
00:02:46,750 --> 00:02:47,410
in the system.

31
00:02:48,130 --> 00:02:49,150
Internal assessment.

32
00:02:49,690 --> 00:02:54,730
It is a technique to scan the internal infrastructure to find out experts and the vulnerabilities.

33
00:02:55,540 --> 00:02:56,980
Host risk assessment.

34
00:02:57,520 --> 00:03:03,460
It determines the vulnerabilities in a specific workstation or server, a performing configuration level.

35
00:03:03,460 --> 00:03:07,570
Check through to the command line network assessments.

36
00:03:08,080 --> 00:03:15,520
It determines the possible network security attacks that may occur in the organization system application

37
00:03:15,520 --> 00:03:16,210
assessments.

38
00:03:17,020 --> 00:03:23,620
It tests the web infrastructure for any misconfiguration and for the known vulnerabilities and the last.

39
00:03:23,620 --> 00:03:30,640
Its wireless network assessments determines the vulnerabilities in the organization's wireless networks.

40
00:03:31,750 --> 00:03:33,310
This is all for this lecture.

41
00:03:34,000 --> 00:03:39,130
In the next lecture, we will see the phases of vulnerability assessment with different tools.