From the course: CompTIA PenTest (PT0-002) Cert Prep

Unlock this course with a free trial

Join today to access over 23,200 courses taught by industry experts.

Prioritization of vulnerabilities

Prioritization of vulnerabilities

From the course: CompTIA PenTest (PT0-002) Cert Prep

Start my 1-month free trial Buy for my team

Prioritization of vulnerabilities

- So we've moved one more step forward in the penetration testing process. So you can see, it's like a bunch of building blocks. We first looked at which assets were most important. We ranked them. Then based on those assets and that asset ranking, we ranked the vulnerabilities on those assets. So it's almost like a 2D matrix at that point. So now we know which vulnerabilities are the most important. Now let's take a look at what exploits we can use to leverage those vulnerabilities. So that's why it's important to do an asset ranking followed by a vulnerability based on asset ranking, followed by exploit based on vulnerability ranking. So it's almost like we have a three-dimensional matrix going on here, but it's important to build this database so that we can take the most important exploits that are going to be the biggest bang for the buck. So we're leveraging this information to prepare for exploitation selection, so we can map the vulnerabilities to potential exploits and then…

Contents