40K+? Are you kidding me!!!!!
Is this subject (CVEs) covered in any of the CompTIA courses?
-
To ensure you get the most out of your CIN membership and stay connected with the latest updates, we are asking all members to update their community profiles. Please take a few moments to log in and: • Complete all sections of your profile • Review your current information for accuracy • Enter an alternative email address if desired (CIN requires your valid business email address for your training organization). Keeping your profile up to date helps us better serve you, ensures your account is correctly linked with CompTIA’s CRM, streamlines processes, enhances communication, and guarantees you never miss out on valuable CIN opportunities. Thank you for taking this important step! step!
Common Vulnerabilities and Exposures
- Thread starter Trevor Chandler
- Start date
40K+? Are you kidding me!!!!!
Is this subject (CVEs) covered in any of the CompTIA courses?
Yes, 40k. Or more.
Many of those are Wordpress Plugins, or Linux kernel issues. Those two, based on what I learned from the Open Source Security podcast, are the two biggest sources of CVEs, with thousands and thousands every year.
And yes, knowing about CVE's is part of Sec+, CySA+, Pentest+ and CASP+.
Yes, it's covered on a few certifications like Tess explained. Also on the tests for those certifications you will get questions where you need to analyze and interpret scores, and prioritize which CVE to address first. Others might give you a scan report and ask what action to take next. You might see questions about a pentest and how to exploit a specific CVE by choosing the right tool. On CASP+ you get questions asking how to mitigate high-risk CVE without disrupting business operations.