CompTIA Security+: Threat Actors & Vectors
CompTIA Security+
| Beginner
- 12 videos | 34m 39s
- Includes Assessment
- Earns a Badge
One of the primary goals for an emerging security practitioner is to have a firm grasp of the present threatscape. The learner will build this vital knowledge base in this course. In this course, we will explore threat actor types, attributes, and motivations. Next, we will dive into the use of human vectors and social engineering as well as common attack surfaces. Then we will explore supply chain, application, and O/S and web-based vulnerabilities. Finally, we will cover hardware and virtualization vulnerabilities, cloud vulnerabilities, and mobile device vulnerabilities. This course is part of a series that prepares you for the CompTIA Security+ (SY0-701) exam.
WHAT YOU WILL LEARN
-
Discover the key concepts covered in this course
Compare threat actor types including nation-state, unskilled attacker, hacktivist, insider threat, and organized crime, and attributes such as internal/external, resources/funding, sophistication, and capability levels
Define threat actor motivations such as data exfiltration, espionage, service disruption, blackmail, financial gain, political beliefs, ethical, revenge, disruption/chaos, and war
Outline human vectors and social engineering including phishing, business email compromise, vishing, smishing, disinformation, impersonation, hoaxing, pretexting, brand impersonation, typosquatting, and watering hole
Outline common attack surfaces like removable devices, vulnerable software, client-based vs. agentless, unsupported systems and applications, unsecure networks, open service ports, and default credentials
Outline supply chain vulnerabilities including managed service providers, vendors, suppliers, service providers, and hardware and software providers -
Compare application vulnerabilities including memory injection, buffer overflow, race conditions, time-of-check (toc)/time-of-use (tou), malicious updates, and zero days
Outline os-based and web-based vulnerabilities such as misconfiguration, unpatched, outdated, sqli, cross-site scripting (xss), and request forgeries
Recognize hardware and virtualization vulnerabilities including firmware, end-of-life, legacy issues, virtual machine escape, sprawl, and resource reuse
Outline the csa list of cloud vulnerabilities
Define mobile device vulnerabilities like side loading, jailbreaking, and rooting
Summarize the key concepts covered in this course
IN THIS COURSE
-
39sIn this video, we will discover the key concepts covered in this course. FREE ACCESS
-
5m 49sAfter completing this video, you will be able to compare threat actor types including nation-state, unskilled attacker, hacktivist, insider threat, and organized crime, and attributes such as internal/external, resources/funding, sophistication, and capability levels. FREE ACCESS
-
3. Threat Actor Motivations1m 26sUpon completion of this video, you will be able to define threat actor motivations such as data exfiltration, espionage, service disruption, blackmail, financial gain, political beliefs, ethical, revenge, disruption/chaos, and war. FREE ACCESS
-
4. Human Vectors and Social Engineering5m 16sAfter completing this video, you will be able to outline human vectors and social engineering including phishing, business email compromise, vishing, smishing, disinformation, impersonation, hoaxing, pretexting, brand impersonation, typosquatting, and watering hole. FREE ACCESS
-
5. Common Attack Surfaces1m 37sUpon completion of this video, you will be able to outline common attack surfaces like removable devices, vulnerable software, client-based vs. agentless, unsupported systems and applications, unsecure networks, open service ports, and default credentials. FREE ACCESS
-
6. Supply Chain Vulnerabilities1m 45sAfter completing this video, you will be able to outline supply chain vulnerabilities including managed service providers, vendors, suppliers, service providers, and hardware and software providers. FREE ACCESS
-
7. Application Vulnerabilities3m 47sUpon completion of this video, you will be able to compare application vulnerabilities including memory injection, buffer overflow, race conditions, time-of-check (TOC)/time-of-use (TOU), malicious updates, and zero days. FREE ACCESS
-
8. OS-based and Web-based Vulnerabilities5m 26sAfter completing this video, you will be able to outline OS-based and web-based vulnerabilities such as misconfiguration, unpatched, outdated, SQLi, cross-site scripting (XSS), and request forgeries. FREE ACCESS
-
9. Hardware and Virtualization Vulnerabilities3m 21sUpon completion of this video, you will be able to recognize hardware and virtualization vulnerabilities including firmware, end-of-life, legacy issues, virtual machine escape, sprawl, and resource reuse. FREE ACCESS
-
10. The Cloud Security Alliance (CSA) Treacherous 12 Cloud Vulnerabilities2m 29sAfter completing this video, you will be able to outline the CSA list of cloud vulnerabilities. FREE ACCESS
-
11. Mobile Device Vulnerabilities2m 24sUpon completion of this video, you will be able to define mobile device vulnerabilities like side loading, jailbreaking, and rooting. FREE ACCESS
-
12. Course Summary40sIn this video, we will summarize the key concepts covered in this course. FREE ACCESS
EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion on some of our courses, which can be shared on any social network or business platform.
Digital badges are yours to keep, forever.
