Vulnerability Assessment


5 days


27 – 31 Aug, 24-28 Sep, 22-26 Oct, 26-30 Nov, 10-14 Dec 2018




Holiday Inn Express Hotel 1 Priddys Yard Croydon CR0 1TS

Course Summary

To minimize costly security breaches, organizations need to evaluate the risk in their enterprise from an array of vulnerabilities. In this training course, you learn how to expose infrastructure, server, and desktop vulnerabilities, create and interpret reports, configure vulnerability scanners, detect points of exposure, and prevent network exploitation.

Course Objective:

You Will Learn How To

  • Detect and respond to vulnerabilities, and minimise exposure to security breaches
  • Employ real-world exploits and evaluate their effect on your systems
  • Configure vulnerability scanners to identify weaknesses
  • Analyse the results of vulnerability scans
  • Establish an efficient strategy for vulnerability management

This course can also be taken in

Accra:15-19Jan, 9-13Apr, 7-11 May, 13-17Aug, 12-16Nov 2018

Dubai:15-19Jan, 9-13Apr, 7-11 May, 13-17Aug, 12-16Nov 2018

Course Content


  • Introduction
  • Defining vulnerability, exploit, threat and risk
  • Creating a vulnerability report
  • Conducting an initial scan
  • Common Vulnerabilities and Exposure (CVE) list

Scanning and exploits

  • Vulnerability detection methods
  • Types of scanners
  • Port scanning and OS fingerprinting
  • Enumerating targets to test information leakage
  • Types of exploits: worm, spyware, backdoor, rootkits, Denial of Service (DoS)
  • Deploying exploit frameworks
  • Analysing Vulnerabilities and Exploits

Uncovering infrastructure vulnerabilities

  • Uncovering switch weaknesses
  • Vulnerabilities in infrastructure support servers
  • Network management tool attacks

Attacks against analysers and IDS

  • Identifying Snort IDS bypass attacks
  • Corrupting memory and causing Denial of Service

Exposing server vulnerabilities

  • Scanning servers: assessing vulnerabilities on your network
  • Uploading rogue scripts and file inclusion
  • Catching input validation errors
  • Performing buffer overflow attacks
  • SQL injection
  • Cross–Site Scripting (XSS) and cookie theft

Revealing desktop vulnerabilities

  • Scanning for desktop vulnerabilities
  • Client buffer overflows
  • Silent downloading: spyware and adware
  • Identifying design errors
  • Configuring Scanners and Generating Reports

Creating and interpreting reports

    • Filtering and customising reports
    • Interpreting complex reports
    • Contrasting the results of different scanners
    • Assessing Risks in a Changing Environment

Researching alert information

  • Using the National Vulnerability Database (NVD) to find relevant vulnerability and patch information
  • Evaluating and investigating security alerts and advisories
  • Employing the Common Vulnerability Scoring System (CVSS)

Identifying factors that affect risk

    • Evaluating the impact of a successful attack
    • Determining vulnerability frequency
    • Calculating vulnerability severity
    • Weighing important risk factors
    • Performing a risk assessment
    • Managing Vulnerabilities

The vulnerability management cycle

  • Standardising scanning with Open Vulnerability Assessment Language (OVAL)
  • Patch and configuration management
  • Analysing the vulnerability management process

Vulnerability controversies

  • Rewards for vulnerability discovery
  • Markets for bugs and exploits
  • Challenge programs

Book this course

please send us your details & someone from our team will get back to you

Vulnerability Assessment

7 + 3 =

Upcoming Courses