CompTIA Security+: Threat Actors, Intelligence Sources, & Vulnerabilities

CompTIA Security+    |    Intermediate
  • 13 Videos | 56m 6s
  • Includes Assessment
  • Earns a Badge
Likes 167 Likes 167
When guarding against threats and vulnerabilities, it is important to understand the various sources of threat and how to leverage intelligence sources to mitigate them. In this course, you'll learn about threat actors and threat vectors, attributes of threat actors and agents, threat intelligence sources such as OSINT and the dark web, and various research sources. Then, you'll move on to examine different types of vulnerabilities, including cloud-based and on-premises, zero-day, weak configurations, third-party risks, improper patch management, and legacy platforms. Finally, you'll examine various impacts such as data loss and data breach, as you prepare for the CompTIA Security+ SY0-601 certification exam.

WHAT YOU WILL LEARN

  • discover the key concepts covered in this course
    describe threats and threat actors like privileged insiders, state actors, hacktivists, script kiddies, and criminal syndicates
    define the attributes of actors such as internal, external, sophistication, capability, resources, funding, intent, and motivation
    compare threat vectors as in direct access, wireless, e-mail, supply chain, social media, removable media, and cloud-based
    survey intelligence sources like OSINT, proprietary, vulnerability databases, public or private information, sharing centers, and the dark web
    describe research sources as in vendor web sites, vulnerability feeds, conferences, academic journals, and request for comments
    compare cloud-based vs. on-premise vulnerabilities
  • describe zero-day vulnerabilities as in computer-software threats that are unknown to, or unaddressed by, those who should be interested in mitigating the vulnerability, including the vendor of the target software
    survey weak configurations such as open permissions, unsecured root accounts, errors, weak encryption, and unsecure protocols
    define third-party risks including partner or vendor management, system integration, lack of vendor support, supply chain risk, and outsourced code development
    describe improper patch management for firmware, operating systems, and applications
    recognize legacy platforms and varied impacts like data leakage and loss, data breaches, data exfiltration, and identity theft
    discover the key concepts covered in this course

IN THIS COURSE

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform

Digital badges are yours to keep, forever.

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Likes 333 Likes 333