6.1: Description and Objectives
Description
Vulnerabilities are weaknesses that enable threats to be actualized. This module discusses cybersecurity vulnerabilities in general and those that are of a higher concern for critical infrastructure systems. It also identifies processes and tools for discovering vulnerabilities.
Objectives
- Identify the common vulnerabilities associated with Control Systems (CS).
- Identify SCADA cyber vulnerabilities.
- Describe how an attacker may gain control of the SCADA system.
- Define vulnerability assessment and explain why it is important.
- Identify vulnerability assessment techniques and tools, such as CSET, Nessus, and other assessment tools.
- Explain the differences between vulnerability scanning and penetration testing.