Ethical Hacker: Risk Assessment





Overview/Description

Ethical hacking is about testing the risk level of an organization. To perform effective, professional ethical hacking, a knowledge of risk is essential. In this 10-video course, you will discover how to use the Common Vulnerability Scoring System (CVSS) and how to apply risk management concepts and evaluate risk in accordance with common standards. Key concepts covered in this course include learning to calculate risk levels in a quantitative manner, the preliminary step done in any risk assessment; learning to identify and implement specific responses to risk; assessing security vulnerabilities by using CVSS; and utilizing the CIA triangle (confidentiality, integrity, and availability) and the McCumber cube to assess risks and threats. Next, learn to apply risk management standards according to NIST 800-37; evaluate security in accordance with ISO/IEC 18045; and learn the COBIT 5 standard, a widely known standard and way of modeling risk and security. Finally, learn to use Damage, Reproducibility, Exploitability, Affected Users, Discoverability (DREAD), Process for Attack Simulation and Threat Analysis (PASTA), and other risk models.



Expected Duration (hours)
0.8

Lesson Objectives

Ethical Hacker: Risk Assessment

  • discover the key concepts covered in this course
  • calculate risk levels in a quantitative manner
  • identify and implement specific responses to risk
  • assess security vulnerabilities using CVSS
  • utilize the CIA triangle and the McCumber cube to assess risks and threats
  • apply risk management standards according to NIST 800-37
  • evaluate security in accordance with ISO/IEC 18045
  • describe the COBIT 5 standard
  • describe and use DREAD, PASTA, and other risk models
  • summarize the key concepts covered in this course

Course Number
it_soethhdj_01_enus

Expertise Level
Intermediate