CompTIA Security+ Certification Support Skills
Vulnerability Assessments and Pentests
Vulnerability assessment
Penetration testing
Security Assessment Techniques
Determine a methodology and scope, e.g. NIST SP 800-115
Scope
Other methodologies / certification / use of contractors
Establishing a Methodology
“No holds barred” or rules and restrictions
Identify only or identify and exploit?
Attack profile
Environment and disclosure
Vulnerability Scanners
Software configured with list of known exploits / vulnerabilities
Active or passive detection
Host / OS or web application
Standards-based reporting
Intrusive versus non-intrusive scanning
Credentialed versus non-credentialed scanning
Identifying lack of controls and misconfigurations
Interpreting scan results
Honeypots and Honeynets
Analyze and identify attacks
Act as decoys
Low interaction
High interaction