Final Exam: Vulnerability Analyst

  • 1 video | 32s
  • Includes Assessment
  • Earns a Badge
Final Exam: Vulnerability Analyst will test your knowledge and application of the topics presented throughout the Vulnerability Analyst track of the Skillsoft Aspire Security Analyst to Security Architect Journey.


  • Perform a targeted remote scan using nmap
    describe the dangers of file upload remote execution
    describe the zero-trust model for security
    describe the network security concerns for hybrid cloud models
    describe the principles that define a security architecture
    describe the challenges and deficiencies of traditional security architectures
    describe the placement and use of sniffing and ids sensors
    describe the use of encryption methods and best practices in implementing encryption
    configure a firewall to block untrusted egress
    configure a firewall to block all but a trust subnet
    describe information threats such as privacy breaches or data leaks
    describe approaches to secure coding practices
    describe industry standards and the application domains they apply to
    block an attacker after too many failed login attempts
    perform ids with snort
    describe metrics used to measure the effectiveness of incident tracking
    describe approaches to ips and how it differs from ids
    describe authentication threats and non-repudiation
    perform ids with snort using a sample ruleset
    describe methods of authentication and their best practices
    recognize examples of security misconfiguration threats
    configure an nginx http service to prevent insecure file access
    describe how incident tracking can be integrated into an organization
    describe options and deployment strategies for ips
    describe the life cycle of an attack and how it is tracked
    describe the process and potential security flaws in security architecture implementation
    describe the continuous monitoring approach to active incident tracking
    describe the challenges of a secure-first network design
    describe the tools and techniques used by intrusion detection systems
    describe the network forensic approach to computer networks
  • perform nmap scans using methods to evade ids detection
    describe a network design approach from a security mindset
    describe the threat of user account discovery and how it is carried out
    describe methods and tools that can be used to help secure software through automation and testing
    describe methods of authorization and access control
    configure a secure vpn client to connect to a vpn server
    differentiate between public and private keys and their ciphers
    describe authenticity and identity spoofing threats
    describe how to validate integrity and tampering threats
    describe practical approaches to secure coding practices
    describe common coding pitfalls that lead to security vulnerabilities
    describe the security benefit of reproducible builds
    use wireshark to inspect network packets
    describe methods used to discover vulnerabilities
    describe methods of brute force attacks and key sizes
    describe the zero-trust model
    block an attacker after failed login attempts
    use password security tools to enforce a strong password policy
    compare between public and private keys and their ciphers
    describe the categories of vulnerabilities using the stride model
    identify how incident tracking can be integrated into an organization
    describe methods of keeping login and authentication credentials secure
    configure a deny-first firewall using ufw
    use tools to scan for potential intrusions on a local system
    describe security concerns when adopting new technologies, coding languages, and platforms
    describe advantages and disadvantages of various approaches to ips
    handle security policy trade-offs in situations where solutions might not align with policy
    use the local /etc/hosts to block unwanted connections
    describe effective incident tracking practices
    describe some of the cyber-security regulations when it comes to tracking and responding to incidents


Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.