Week 10.0 Explain Vulnerability Management II

Overview

The module explains the differences between authenticated and unauthenticated scans, internal vs. external scans, and how results are interpreted. Students also explore Threat Feeds, which provide real-time intelligence about emerging vulnerabilities, malware, and attacker behavior.

The module expands into deeper investigative areas like the Deep and Dark Web, where stolen data, exploits, malware kits, and zero-day information are often traded. Students learn how cybersecurity teams safely monitor these environments for early warning signs.

To build a broader understanding of assessment methods, the course covers Other Vulnerability Assessment Techniques, such as penetration testing, configuration reviews, red teaming, and code analysis. Learners also explore Common Vulnerabilities and Exposures (CVE), a global database used to identify and categorize known security flaws.

The module further explains Types of Alerts and Log Review, helping students learn how logs from firewalls, applications, servers, and endpoints reveal attack attempts or active compromises. This leads into Vulnerability Analysis, where learners interpret scan results, prioritize weaknesses using metrics like CVSS, and assess business impact.

Finally, the course concludes with Vulnerability Response and Remediation, detailing how organizations patch, mitigate, or eliminate risks through structured processes such as patch management, compensating controls, change control, testing, verification, and communication.

By completing this module, learners gain a deep understanding of vulnerabilities from discovery to remediation equipping them with the skills needed to detect, assess, and respond to security weaknesses across modern digital environments.