This course gives security professionals with the knowledge and skills require to deploy and set up a single Nessus scanner on the network. Students will perform a host discovery scan, a Windows compliance scan, credentialed scan of a Windows target, basic network vulnerability scan, and a mobile device scan.

It gives security professionals with the knowledge and skills require to utilize the compliance features of Nessus that go beyond routine scanning. This applies not only to environments that may be necessary to adhere to regulatory compliance standards, but also to environments that would like to confirm adherence to corporate policies. Students will understand how Nessus performs compliance audits and how the audit language can be used for informational gathering purposes. Additionally,

The versatile Nessus vulnerability scanner provides patch, configuration, and compliance auditing; malware, mobile, and botnet discovery; sensitive data identification; and many other features.

Partner educational program Details (Olympian Certification):

  • IT security analysts, security consultants, or auditors who wish to become familiar with Nessu's core features and basic functionality.
  • SecurityCenter users that wish to gain a general understanding of Nessus functionality and policy creation

Prerequsite:

Basic understanding of TCP/IP networking, operating systems security, and common client/server applications

Duration of the course: 2 Days ( 8 Hrs/Day)

Course Outline:

  • Introduction to Nessus and Vulnerability Scanning
  • Nessus Installation and Administration
  • Basic Nessus Scan Operation
  • Nessus Scan Configuration and Policy Creation
  • Vulnerability Analysis and Reporting with Nessus
  • Advanced Scan Configuration and Policy Creation
  • Introduction to Compliance and Auditing
  • Nessus Auditing Features
  • Windows System Auditing
  • Unix System Auditing
  • Nessus Database Auditing
  • Nessus Content Auditing
  • Auditing to Industry Guidelines
  • Auditing to Federal Guidelines