CompTIA Security+: Analyzing Application & Network Attacks

CompTIA Security+    |    Intermediate
  • 15 Videos | 1h 2m 29s
  • Includes Assessment
  • Earns a Badge
Likes 69 Likes 69
It is crucial that you be able to recognize various application and network attacks and be able to protect your infrastructure from them. In this course, you'll learn to analyze different application attacks such as privilege escalation, cross-site scripting, request forgery, injection, code, and APIs. You'll also look at other attacks like SSL stripping, pass the hash, and driver manipulation. Then, you'll move on to explore a variety of network attacks, including wireless, man-in-the-middle, Layer 2, DNS, DDoS, and malicious code or script execution. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.

WHAT YOU WILL LEARN

  • discover the key concepts covered in this course
    describe privilege escalation and elevation techniques that exploit poor least privilege policies
    describe and compare cross-site scripting and cross-site request forgery, which are now the most common attacks against web services
    describe different injection attacks against SQL, DLLs, LDAP, and XML
    recognize a variety of coding attacks like pointer/object dereference, directory traversal, buffer overflows, and race conditions
    describe API attacks, the most common being against login credentials and authentication
    describe secure sockets layer stripping against web servers and pass the hash attacks against older version of Windows operating systems, which are still common in IoT and embedded devices
    define device driver manipulation in Windows and *nix systems including shimming and refactoring
  • describe wireless attacks like evil twin, rogue access points, disassociation, and jamming
    define exploits where the attacker secretly relays and possibly alters communications between two parties who assume they are communicating with each other
    describe Layer 2 attacks such as ARP poisoning, MAC flooding, and MAC cloning
    define DNS attacks such as domain hijacking, DNS poisoning, and URL redirection
    describe DDoS attacks against the network, applications, and operational technology
    recognize malicious code or script execution targeting PowerShell, Python, Bash shells, macros, and Visual Basic for Applications
    summarize the key concepts covered in this course

IN THIS COURSE

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform

Digital badges are yours to keep, forever.

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE