Information Gathering and Vulnerability Identification for CompTIA PenTest+
Course info
Course info
Description
Now that you have finished identifying, enumerating, and uncovering vulnerabilities through your active and passive reconnaissance efforts, you have to now figure out what do with this data.
In this course, Information Gathering and Vulnerability Identification for CompTIA PenTest+, you will learn foundational knowledge of and gain the ability to analyze the vulnerabilities you've discovered. First, you will learn how to choose the right vulnerability scanner, be it open-source or commercial, on-prem or cloud-based. Next, you will discover how to organize said data by categorizing the assets, identifying false-positives and preparing for adjudication. Finally, you will explore how to transform this data into actionable exploits. When you’re finished with this course, you will have the skills and knowledge of analyzing the vulnerabilities or order to prepare for the next stage of the penetration testing lifecycle.
About the author
Dale Meredith has been a Certified Ethical Hacker/Instructor EC-Council for the past 15 years, and Microsoft Certified Trainer for over 20 years. Dale also has an additional 7 years of senior IT management experience and worked as a CTO for a popular ISP provider. Dale's expertise is in explaining difficult concepts and ensuring his students have an actionable knowledge of the course material.
More from the author
Section Introduction Transcripts
Course Overview
Hey everyone. My name is Dale Meredith, and I want to welcome you to my course, Information Gathering and Vulnerability Identification for CompTIA PenTest+. Now this course is part 5 of the series for CompTIA PenTest+ Certification Program. Hey, but guess what, this isn't going to be just a course about all you need to know for certification. We'll talk about those things, but we'll also cover other information that's more real‑world and based on some of my own personal experiences. Hey, I'm all about the value. So at this point in the series, we've finished identifying, enumerating, and uncovering vulnerabilities through our active and passive reconnaissance efforts, but now it's time to use our toolset and skills to identify how to exploit those said vulnerabilities to attack the target organization. So, our next step is to figure out what to do with this data. In this course, you'll learn the fundamental knowledge of and gain the ability to analyze the vulnerabilities that we've discovered. First, you'll learn how to choose the right vulnerability scanner, be it open source or commercial, on‑prem, or even cloud‑based. Next, you'll discover how to organize said data by categorizing the assets, identifying false positives, and preparing for adjudication. Finally, you'll explore how to transform this data into actionable exploits, which is really cool. So, yeah, by the end of this course you'll know everything concerning analyzing vulnerabilities. Now, please don't start this course without watching the first four courses in this series, including the first course, Laying the Foundation for Penetration Testing for CompTIA PenTest+. This is where we set up the lab environment that you'll see me do all my demos in, and trust me, I'd like for you to be able to follow along. You should also have a background in network and security. I recommend checking out our Security+ series here at Pluralsight. Now after you watch this course, you should feel really comfortable into diving further into this series. I'd even go back and maybe even look at some of our Ethical Hacking courses as well. Now that author knows what he's talking about. So I hope you'll join me on this exciting journey and learnings in Information Gathering and Vulnerability Identification for CompTIA PenTest+, here at Pluralsight.