Part V — Cybersecurity Controls

Chapter 14

Vulnerability Management

Domain 5 Lab 7

📖 Key Topics Covered

  • Vulnerability Management
  • Explain CVSS scoring and CVE identification systems
  • What is Vulnerability Management?
  • The Vulnerability Management Lifecycle
  • CVSS (Common Vulnerability Scoring System)
  • Informational only
  • Expedite remediation
  • Immediate action required
  • CVE (Common Vulnerabilities and Exposures)
  • Vulnerability Scanning Tools
  • Nmap (Network Mapper)
  • OpenVAS / Greenbone
  • Remediation Strategies
  • Chapter Summary
  • Review Questions

🔑 Key Terms

  • Acceptance
  • Assessment
  • CVE (Common Vulnerabilities and Exposures)
  • CVSS (Common Vulnerability Scoring System)
  • Discovery
  • ID (e.g., CVE-2024-12345)
  • Patching
  • Remediation
  • Reporting
  • Scanning
  • Verification

See the full definitions in the Glossary and test yourself with Flashcards.

Assessment Tips

💡 Assessment Tip

Know how to use Nmap for basic network reconnaissance. Understand the difference between vulnerability scanning (automated, identifies known vulnerabilities) and penetration testing (manual, attempts to exploit vulnerabilities). Scanning tells you wh

🧪 Hands-On Lab

This chapter includes Lab 7 in Appendix E.