SKILL BENCHMARK

Security+: Attacks, Threats, and Vulnerabilities Competency

  • 30m
  • 30 questions
The Attacks, Threats, and Vulnerabilities Competency benchmark measures your ability to recognize key terms and concepts related to attacks, threats, and vulnerabilities. You will be evaluated on attack types, threat actors, vulnerabilities, and reconnaissance. A learner who scores high on this benchmark demonstrates the skills needed to understand key attack, threat, and vulnerability terminology and concepts.

Topics covered

  • compare cloud-based service provider malware attacks to on-premise attacks on the data center or enterprise edge
  • compare cloud-based vs. on-premise vulnerabilities
  • compare syslog and SIEM system techniques such as review reports, packet captures, data inputs, user behavior analysis (UBA) and sentiment analysis
  • compare threat vectors as in direct access, wireless, e-mail, supply chain, social media, removable media, and cloud-based
  • define additional vulnerability scanning tools and techniques like common vulnerabilities and exposures (CVE), common vulnerability scoring system (CVSS), and configuration review
  • define different phishing attacks including spear phishing and whaling
  • define exploits where the attacker secretly relays and possibly alters communications between two parties who assume they are communicating with each other
  • define third-party risks including partner or vendor management, system integration, lack of vendor support, supply chain risk, and outsourced code development
  • define types of scams, fraud, and hoaxes
  • describe active reconnaissance techniques such as footprinting
  • describe and compare cross-site scripting and cross-site request forgery, which are now the most common attacks against web services
  • describe API attacks, the most common being against login credentials and authentication
  • describe cryptographic attacks such as birthday, collision, and downgrade
  • describe DDoS attacks against the network, applications, and operational technology
  • describe different injection attacks against SQL, DLLs, LDAP, and XML
  • describe dumpster diving, shoulder surfing, pharming, and other exploits
  • describe improper patch management for firmware, operating systems, and applications
  • describe password attacks such as spraying, dictionary, and brute force
  • describe privilege escalation and elevation techniques that exploit poor least privilege policies
  • describe secure sockets layer stripping against web servers and pass the hash attacks against older versions of Windows operating systems, which are still common in IoT and embedded devices
  • describe spam and its variants such as spim
  • describe the characteristics of security orchestration, automation, and response (SOAR) systems
  • describe threat hunting concepts such as intelligence fusion, threat feeds, advisories, bulletins, and maneuvers
  • describe threats and threat actors like privileged insiders, state actors, hacktivists, script kiddies, and criminal syndicates
  • describe various common malware attacks like viruses and worms
  • describe wireless attacks like evil twin, rogue access points, disassociation, and jamming
  • describe zero-day vulnerabilities as in computer-software threats that are unknown to, or unaddressed by, those who should be interested in mitigating the vulnerability, including the vendor of the target software
  • recognize legacy platforms and varied impacts like data leakage and loss, data breaches, data exfiltration, and identity theft
  • survey fundamental methods for pen testing like lateral movement, privilege escalation, persistence, and pivoting
  • survey weak configurations such as open permissions, unsecured root accounts, errors, weak encryption, and unsecure protocols