CompTIA Security+: Threat Actors, Intelligence Sources, & Vulnerabilities

CompTIA    |    Intermediate
  • 13 videos | 50m 36s
  • Includes Assessment
  • Earns a Badge
Rating 4.5 of 327 users Rating 4.5 of 327 users (327)
When guarding against threats and vulnerabilities, it is important to understand the various sources of threat and how to leverage intelligence sources to mitigate them. In this course, you'll learn about threat actors and threat vectors, attributes of threat actors and agents, threat intelligence sources such as OSINT and the dark web, and various research sources. Then, you'll move on to examine different types of vulnerabilities, including cloud-based and on-premises, zero-day, weak configurations, third-party risks, improper patch management, and legacy platforms. Finally, you'll examine various impacts such as data loss and data breach, as you prepare for the CompTIA Security+ SY0-601 certification exam.

WHAT YOU WILL LEARN

  • Discover the key concepts covered in this course
    Describe threats and threat actors like privileged insiders, state actors, hacktivists, script kiddies, and criminal syndicates
    Define the attributes of actors such as internal, external, sophistication, capability, resources, funding, intent, and motivation
    Compare threat vectors as in direct access, wireless, e-mail, supply chain, social media, removable media, and cloud-based
    Survey intelligence sources like osint, proprietary, vulnerability databases, public or private information, sharing centers, and the dark web
    Describe research sources as in vendor web sites, vulnerability feeds, conferences, academic journals, and request for comments
    Compare cloud-based vs. on-premise vulnerabilities
  • Describe zero-day vulnerabilities as in computer-software threats that are unknown to, or unaddressed by, those who should be interested in mitigating the vulnerability, including the vendor of the target software
    Survey weak configurations such as open permissions, unsecured root accounts, errors, weak encryption, and unsecure protocols
    Define third-party risks including partner or vendor management, system integration, lack of vendor support, supply chain risk, and outsourced code development
    Describe improper patch management for firmware, operating systems, and applications
    Recognize legacy platforms and varied impacts like data leakage and loss, data breaches, data exfiltration, and identity theft
    Discover the key concepts covered in this course

IN THIS COURSE

  • 1m 29s
  • 9m 27s
    After completing this video, you will be able to describe threats and threat actors, such as privileged insiders, state actors, hacktivists, script kiddies, and criminal syndicates. FREE ACCESS
  • Locked
    3.  Attributes of Actors
    5m 35s
    In this video, you will learn how to define the attributes of actors such as internal, external, sophistication, capability, resources, funding, intent, and motivation. FREE ACCESS
  • Locked
    4.  Threat Vectors
    3m 2s
    Find out how to compare threat vectors such as direct access, wireless, e-mail, supply chain, social media, removable media, and cloud-based. FREE ACCESS
  • Locked
    5.  Threat Intelligence Sources
    7m 45s
    Learn how to survey intelligence sources like OSINT, proprietary, vulnerability databases, public or private information, sharing centers, and the dark web. FREE ACCESS
  • Locked
    6.  Research Sources
    3m 35s
    Upon completion of this video, you will be able to describe research sources such as vendor web sites, vulnerability feeds, conferences, academic journals, and request for comments. FREE ACCESS
  • Locked
    7.  Cloud vs. On-premise Vulnerability
    4m 10s
    During this video, you will learn how to compare cloud-based and on-premise vulnerabilities. FREE ACCESS
  • Locked
    8.  Zero-day vulnerabilities
    1m 49s
    Upon completion of this video, you will be able to describe zero-day vulnerabilities as computer-software threats that are unknown to, or unaddressed by, those who should be interested in mitigating the vulnerability, including the vendor of the target software. FREE ACCESS
  • Locked
    9.  Weak Configurations
    5m 13s
    Find out how to survey weak configurations such as open permissions, unsecured root accounts, errors, weak encryption, and insecure protocols. FREE ACCESS
  • Locked
    10.  Third-party Risks
    3m 24s
    In this video, you will define third-party risks including partner or vendor management, system integration, lack of vendor support, supply chain risk, and outsourced code development. FREE ACCESS
  • Locked
    11.  Improper Patch Management
    1m 55s
    Upon completion of this video, you will be able to describe improper patch management for firmware, operating systems, and applications. FREE ACCESS
  • Locked
    12.  Legacy Platforms and Various Impacts
    2m 28s
    Upon completion of this video, you will be able to recognize legacy platforms and their varied impacts like data leakage and loss, data breaches, data exfiltration, and identity theft. FREE ACCESS
  • Locked
    13.  Course Summary
    44s

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.

YOU MIGHT ALSO LIKE

Course Information Security for Leaders: Elements of InfoSec
Rating 4.6 of 5 users Rating 4.6 of 5 users (5)
Course CompTIA Cybersecurity Analyst+: Threat Intelligence
Rating 4.6 of 188 users Rating 4.6 of 188 users (188)
Course CompTIA Cybersecurity Analyst+: Business Continuity
Rating 5.0 of 4 users Rating 5.0 of 4 users (4)

PEOPLE WHO VIEWED THIS ALSO VIEWED THESE

Course CompTIA Security+: Security Assessment & Penetration Testing Techniques
Rating 4.5 of 441 users Rating 4.5 of 441 users (441)
Course CompTIA IT Fundamentals: Software Development Concepts
Rating 4.6 of 45 users Rating 4.6 of 45 users (45)
Book CompTIA Security+ All-in-One Exam Guide, Sixth Edition (Exam SY0-601)