Tenable University: Nessus Certificate of Proficiency

Yesterday I finished “Nessus Certificate of Proficiency” learning plan at Tenable University and passed the final test. Here I would like to share my impressions.

Nessus Certificate test completed

First of all, few words about my motivation. I use Nessus literally every day at work. So, it was fun to check my knowledge. I already wrote about Tenable education portal in “Study Vulnerability Assessment in Tenable University for free” post. It’s free. It’s available for everyone on demand. However, Tenable customers get access to way more content.

At this moment there are four learning plan available for Tenable customers: for Nessus, Tenable.io, SecurityCenter and SecurityCenter Continuous View. Each learning plan consist of short video lessons grouped in courses and the final test.

For Nessus learning plan there were 12 courses with 4-8 videos in each:

completed learning plan

For example, videos for “Nessus Advanced Scanning” course:

example Nessus advanced scanning

As you can see, some courses are related to Nessus Manager, which is not an active Tenable product anymore. However, most of the information about Nessus Manager is applicable to Tenable.io as well.

Most of the videos are very basic and good for novices. However, some of them contain specific details that I didn’t know before. I liked video about the stages of Nessus scan process. It’s important to understand that if Nessus fails or does not receive get enough information on previous stages, there won’t be detected vulnerabilities:

Nessus scan sequence

There was pretty useful video about debugging authentication issues on a different platforms. I also liked video about “WSUS scanning” when Nessus gets data about KBs installed/not installed on Windows hosts directly from WSUS and detects vulnerabilities without the need to perform actual network scan. More than this, it can correlate results of WSUS and network scan.

Unfortunately, there were no tests after each course. In previous version of education portal (rus) you needed to answer 5 questions after each module to go further. It was pretty useful for learning.

Now there is only one final test. 40 questions, pass mark 70 %, 75 minutes, only 1 attempt available. Some questions should be trivial for anyone who used Nessus. But about a half of them were tricky and required deep knowledge of how target hosts and Nessus should be configured to obtain the best scan results. 75 minutes is more than enough. When I finished answering the questions I had more than 30 minutes left. Actually, I wasn’t sure that I will pass it, but I did:

Nessus Certificate test completed

Certificate btw looks pretty simple 🙂 :

Nessus Certificate of Proficiency

2 thoughts on “Tenable University: Nessus Certificate of Proficiency

  1. Pingback: Non-reliable Nessus scan results | Alexander V. Leonov

  2. Pingback: Dealing with Nessus logs | Alexander V. Leonov

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.