CompTIA Security+: Analyzing Application & Network Attacks

CompTIA    |    Intermediate
  • 15 videos | 55m 59s
  • Includes Assessment
  • Earns a Badge
Rating 4.5 of 483 users Rating 4.5 of 483 users (483)
It is crucial that you be able to recognize various application and network attacks and be able to protect your infrastructure from them. In this course, you'll learn to analyze different application attacks such as privilege escalation, cross-site scripting, request forgery, injection, code, and APIs. You'll also look at other attacks like SSL stripping, pass the hash, and driver manipulation. Then, you'll move on to explore a variety of network attacks, including wireless, man-in-the-middle, Layer 2, DNS, DDoS, and malicious code or script execution. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.

WHAT YOU WILL LEARN

  • Discover the key concepts covered in this course
    Describe privilege escalation and elevation techniques that exploit poor least privilege policies
    Describe and compare cross-site scripting and cross-site request forgery, which are now the most common attacks against web services
    Describe different injection attacks against sql, dlls, ldap, and xml
    Recognize a variety of coding attacks like pointer/object dereference, directory traversal, buffer overflows, and race conditions
    Describe api attacks, the most common being against login credentials and authentication
    Describe secure sockets layer stripping against web servers and pass the hash attacks against older version of windows operating systems, which are still common in iot and embedded devices
    Define device driver manipulation in windows and *nix systems including shimming and refactoring
  • Describe wireless attacks like evil twin, rogue access points, disassociation, and jamming
    Define exploits where the attacker secretly relays and possibly alters communications between two parties who assume they are communicating with each other
    Describe layer 2 attacks such as arp poisoning, mac flooding, and mac cloning
    Define dns attacks such as domain hijacking, dns poisoning, and url redirection
    Describe ddos attacks against the network, applications, and operational technology
    Recognize malicious code or script execution targeting powershell, python, bash shells, macros, and visual basic for applications
    Summarize the key concepts covered in this course

IN THIS COURSE

  • 1m 37s
  • 4m 1s
    Upon completion of this video, you will be able to describe privilege escalation and elevation techniques that exploit poor least privilege policies. FREE ACCESS
  • Locked
    3.  Cross-site Scripting and Request Forgery
    5m 10s
    After completing this video, you will be able to describe and compare cross-site scripting and cross-site request forgery, which are now the most common attacks against web services. FREE ACCESS
  • Locked
    4.  Injection Attacks
    4m 37s
    Upon completion of this video, you will be able to describe different injection attacks against SQL, DLLs, LDAP, and XML. FREE ACCESS
  • Locked
    5.  Targeted Coding Attacks
    8m 52s
    Upon completion of this video, you will be able to recognize a variety of coding attacks, including pointer/object dereference, directory traversal, buffer overflows, and race conditions. FREE ACCESS
  • Locked
    6.  Application Programming Interface Attacks
    2m 25s
    Upon completion of this video, you will be able to describe API attacks, the most common being against login credentials and authentication. FREE ACCESS
  • Locked
    7.  SSL Stripping and Pass the Hash
    1m 45s
    After completing this video, you will be able to describe secure sockets layer stripping against web servers and pass the hash attacks against older versions of Windows operating systems, which are still common in IoT and embedded devices. FREE ACCESS
  • Locked
    8.  Driver Manipulation
    2m 25s
    In this video, you will learn how to define device driver manipulation in Windows and *nix systems, including shimming and refactoring. FREE ACCESS
  • Locked
    9.  Wireless Attacks
    9m 43s
    Upon completion of this video, you will be able to describe wireless attacks such as evil twin, rogue access points, disassociation, and jamming. FREE ACCESS
  • Locked
    10.  Man-in-the-Middle Attacks
    3m 14s
    In this video, you will define exploits where the attacker secretly relays and possibly alters communications between two parties who assume they are communicating with each other. FREE ACCESS
  • Locked
    11.  Layer 2 Attacks
    3m 43s
    Upon completion of this video, you will be able to describe Layer 2 attacks such as ARP poisoning, MAC flooding, and MAC cloning. FREE ACCESS
  • Locked
    12.  DNS Attacks
    2m 43s
    In this video, you will learn how to define DNS attacks such as domain hijacking, DNS poisoning, and URL redirection. FREE ACCESS
  • Locked
    13.  Distributed Denial-of-Service Attacks
    3m 6s
    Upon completion of this video, you will be able to describe DDoS attacks against networks, applications, and operational technology. FREE ACCESS
  • Locked
    14.  Malicious Code or Script Execution
    1m 57s
    After completing this video, you will be able to recognize malicious code or script execution targeting PowerShell, Python, Bash shells, macros, and Visual Basic for Applications. FREE ACCESS
  • Locked
    15.  Course Summary
    42s

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

Course OWASP Top 10: Securing Web Applications
Rating 4.6 of 1111 users Rating 4.6 of 1111 users (1111)
Course CompTIA PenTest+: Vulnerability Scanning
Rating 4.6 of 65 users Rating 4.6 of 65 users (65)
Course CompTIA Cybersecurity Analyst+: Threat Monitoring
Rating 4.6 of 78 users Rating 4.6 of 78 users (78)

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Book CompTIA Security+ All-in-One Exam Guide, Sixth Edition (Exam SY0-601)
Course CompTIA Security+: Virtualization, Cloud Computing, & Cloud Cybersecurity Solutions
Rating 4.4 of 189 users Rating 4.4 of 189 users (189)
Course CompTIA Security+: Security Concepts in an Enterprise Environment
Rating 4.4 of 234 users Rating 4.4 of 234 users (234)