Common Vulnerabilities and Exposures

Jump to latest Follow Reply
#3
Trevor Chandler said:
40K+? Are you kidding me!!!!!

Is this subject (CVEs) covered in any of the CompTIA courses?
Click to expand...
Yes, 40k. Or more.

Many of those are Wordpress Plugins, or Linux kernel issues. Those two, based on what I learned from the Open Source Security podcast, are the two biggest sources of CVEs, with thousands and thousands every year.

And yes, knowing about CVE's is part of Sec+, CySA+, Pentest+ and CASP+.
 
  • Love
  • Like
Reactions: Steve Mallard, Trevor Chandler and precious
#4
Yes, it's covered on a few certifications like Tess explained. Also on the tests for those certifications you will get questions where you need to analyze and interpret scores, and prioritize which CVE to address first. Others might give you a scan report and ask what action to take next. You might see questions about a pentest and how to exploit a specific CVE by choosing the right tool. On CASP+ you get questions asking how to mitigate high-risk CVE without disrupting business operations.
 
  • Like
  • Love
Reactions: Eddy Harden, Edna Chimpeni, Trevor Chandler and 1 other person
#5
Jose A Ruiz Marquez said:
Yes, it's covered on a few certifications like Tess explained. Also on the tests for those certifications you will get questions where you need to analyze and interpret scores, and prioritize which CVE to address first. Others might give you a scan report and ask what action to take next. You might see questions about a pentest and how to exploit a specific CVE by choosing the right tool. On CASP+ you get questions asking how to mitigate high-risk CVE without disrupting business operations.
Click to expand...
Awesome!!!

Thank you Jose!!!!
 
You must log in or register to reply here.
Top Bottom
Back
Jump to latest Follow Reply
Jump to latest Follow Reply
Home
Media
Resources
Menu