Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Provider Logo

Vulnerability Management: Assessing the Risks with CVSS v3.1

via LinkedIn Learning

Overview

Prioritize the vulnerabilities in your environment using the Common Vulnerability Scoring System (CVSS). Learn how to apply CVSS scores to effectively assess risk.

Vulnerability management can be difficult, and understanding the risks that vulnerabilities pose in your own environment is key to determining how (and in what order) to tackle them. The Common Vulnerability Scoring System (CVSS) was developed to address this. In this course, explore the essential metrics in the CVSS methodology, as well as how to apply CVSS scores to assess risk and determine what to fix first. Instructor Lora Vaughn takes a deep dive into CVSS version 3.1, examining the characteristics it measures, the scoring formula, and how to apply CVSS scores to your environment. Using practical examples, she covers the three most essential aspects of CVSS: Base, Temporal, and Environmental metrics. Upon wrapping up this course, you'll be equipped with the essential knowledge you need to use CVSS scores to prioritize remediation efforts.

Syllabus

Introduction
  • Welcome to this course
  • Case study: Red30 technology
1. Vulnerability Basics
  • Vulnerability risk assessment
  • Vulnerability types and their causes
  • Methods for fixing vulnerabilities
  • Common terms in vulnerability management
2. CVSS Overview
  • Intro to the Common Vulnerability Scoring System (CVSS)
  • Core elements of CVSS v3.1
  • CVSS v3.1 formula
  • Making sense of the CVSS vector string
3. Base Metric Group
  • The CVSS base metric group
  • The attack vector metric
  • How attack complexity affects risk
  • The effects of the privileges required metric on risk
  • User interaction and vulnerability risk
  • Confidentiality, integrity, and availability impact metrics
  • Security scope in CVSS
  • Challenge
  • Solution
4. Temporal Metrics Group
  • How exploit code maturity affects risk
  • How remediation level affects risk
  • How report confidence affects risk
5. Environment Metrics Group
  • Confidentiality, integrity, and availability requirement
  • Modified base metrics in CVSS
6. Putting CVSS into Practice
  • Using CVSS scores
  • CVSS severity rating scale
  • Using CVSS scoring in the enterprise
  • Remediating vulnerabilities
  • Accepting vulnerability risks
  • Challenge
  • Solution
Conclusion
  • Next steps

Taught by

Lora Vaughn

Related Courses

Reviews

0.0 rating, based on 0 reviews

Start your review of Vulnerability Management: Assessing the Risks with CVSS v3.1

Never stop learning Never Stop Learning!

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free