CompTIA Security+: Threat Actors & Vectors

CompTIA Security+    |    Beginner
  • 12 videos | 34m 39s
  • Includes Assessment
  • Earns a Badge
Rating 5.0 of 2 users Rating 5.0 of 2 users (2)
One of the primary goals for an emerging security practitioner is to have a firm grasp of the present threatscape. The learner will build this vital knowledge base in this course. In this course, we will explore threat actor types, attributes, and motivations. Next, we will dive into the use of human vectors and social engineering as well as common attack surfaces. Then we will explore supply chain, application, and O/S and web-based vulnerabilities. Finally, we will cover hardware and virtualization vulnerabilities, cloud vulnerabilities, and mobile device vulnerabilities. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.

WHAT YOU WILL LEARN

  • Discover the key concepts covered in this course
    Compare threat actor types including nation-state, unskilled attacker, hacktivist, insider threat, and organized crime, and attributes such as internal/external, resources/funding, sophistication, and capability levels
    Define threat actor motivations such as data exfiltration, espionage, service disruption, blackmail, financial gain, political beliefs, ethical, revenge, disruption/chaos, and war
    Outline human vectors and social engineering including phishing, business email compromise, vishing, smishing, disinformation, impersonation, hoaxing, pretexting, brand impersonation, typosquatting, and watering hole
    Outline common attack surfaces like removable devices, vulnerable software, client-based vs. agentless, unsupported systems and applications, unsecure networks, open service ports, and default credentials
    Outline supply chain vulnerabilities including managed service providers, vendors, suppliers, service providers, and hardware and software providers
  • Compare application vulnerabilities including memory injection, buffer overflow, race conditions, time-of-check (toc)/time-of-use (tou), malicious updates, and zero days
    Outline os-based and web-based vulnerabilities such as misconfiguration, unpatched, outdated, sqli, cross-site scripting (xss), and request forgeries
    Recognize hardware and virtualization vulnerabilities including firmware, end-of-life, legacy issues, virtual machine escape, sprawl, and resource reuse
    Outline the csa list of cloud vulnerabilities
    Define mobile device vulnerabilities like side loading, jailbreaking, and rooting
    Summarize the key concepts covered in this course

IN THIS COURSE

  • 39s
    In this video, we will discover the key concepts covered in this course. FREE ACCESS
  • 5m 49s
    After completing this video, you will be able to compare threat actor types including nation-state, unskilled attacker, hacktivist, insider threat, and organized crime, and attributes such as internal/external, resources/funding, sophistication, and capability levels. FREE ACCESS
  • Locked
    3.  Threat Actor Motivations
    1m 26s
    Upon completion of this video, you will be able to define threat actor motivations such as data exfiltration, espionage, service disruption, blackmail, financial gain, political beliefs, ethical, revenge, disruption/chaos, and war. FREE ACCESS
  • Locked
    4.  Human Vectors and Social Engineering
    5m 16s
    After completing this video, you will be able to outline human vectors and social engineering including phishing, business email compromise, vishing, smishing, disinformation, impersonation, hoaxing, pretexting, brand impersonation, typosquatting, and watering hole. FREE ACCESS
  • Locked
    5.  Common Attack Surfaces
    1m 37s
    Upon completion of this video, you will be able to outline common attack surfaces like removable devices, vulnerable software, client-based vs. agentless, unsupported systems and applications, unsecure networks, open service ports, and default credentials. FREE ACCESS
  • Locked
    6.  Supply Chain Vulnerabilities
    1m 45s
    After completing this video, you will be able to outline supply chain vulnerabilities including managed service providers, vendors, suppliers, service providers, and hardware and software providers. FREE ACCESS
  • Locked
    7.  Application Vulnerabilities
    3m 47s
    Upon completion of this video, you will be able to compare application vulnerabilities including memory injection, buffer overflow, race conditions, time-of-check (TOC)/time-of-use (TOU), malicious updates, and zero days. FREE ACCESS
  • Locked
    8.  OS-based and Web-based Vulnerabilities
    5m 26s
    After completing this video, you will be able to outline OS-based and web-based vulnerabilities such as misconfiguration, unpatched, outdated, SQLi, cross-site scripting (XSS), and request forgeries. FREE ACCESS
  • Locked
    9.  Hardware and Virtualization Vulnerabilities
    3m 21s
    Upon completion of this video, you will be able to recognize hardware and virtualization vulnerabilities including firmware, end-of-life, legacy issues, virtual machine escape, sprawl, and resource reuse. FREE ACCESS
  • Locked
    10.  The Cloud Security Alliance (CSA) Treacherous 12 Cloud Vulnerabilities
    2m 29s
    After completing this video, you will be able to outline the CSA list of cloud vulnerabilities. FREE ACCESS
  • Locked
    11.  Mobile Device Vulnerabilities
    2m 24s
    Upon completion of this video, you will be able to define mobile device vulnerabilities like side loading, jailbreaking, and rooting. FREE ACCESS
  • Locked
    12.  Course Summary
    40s
    In this video, we will summarize the key concepts covered in this course. FREE ACCESS

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

Rating 4.4 of 17 users Rating 4.4 of 17 users (17)
Rating 5.0 of 1 users Rating 5.0 of 1 users (1)