Threats, Attacks, and Vulnerabilities for CompTIA Security+
IT Security is one of the fastest growing areas in IT, and qualified, well-trained IT security and cyber-security professionals are in high-demand. This course covers domain one of the CompTIA Security+ certification exam.
What you'll learn
This course covers domain one of the CompTIA Security+ certification exam. In this course, Threats, Attacks, and Vulnerabilities for CompTIA Security+, you'll learn about the various types of threats and attacks every company faces. First, you'll learn the ins and outs of Malware, ransom-ware, viruses, Trojans, rootkits, social engineering attacks, application vulnerabilities, and DDoS attacks. Next, you'll also learn the characteristics of the various types of threat actors, the skills they have and the tools they use. Finally, you'll learn about penetration testing and vulnerability scanning and how they're used to help tighten security and mitigate potential breaches. By the end of this course, you'll have a solid understanding of the various threats you're likely to face and what tools are available to mitigate these threats.
Table of contents
- Module Intro 1m
- Social Engineering 2m
- Social Engineering Attacks 3m
- Vishing 1m
- Tailgaiting 2m
- Impersonation 1m
- Dumpster Diving 1m
- Shoulder Surfing 3m
- Hoaxes 2m
- Watering Hole Attack 2m
- Authority and Intimidation 2m
- Consensus and Social Proof 1m
- Familiarity and Liking 1m
- Trust 1m
- Scarcity and Urgency 1m
- DDoS 2m
- Replay Attacks 1m
- Man in the Middle Attack 1m
- Buffer Overflow Attack 1m
- SQL Injection Attack 1m
- LDAP Injection Attack 1m
- XML Injection Attack 1m
- Cross Site Scription (XSS) and Cross Site Request Forgery (XSRF) 5m
- Privilege Escalation 2m
- ARP Poisoning 1m
- Smurf Attack (Amplification) 3m
- DNS Poisoning 1m
- Zero Day 2m
- Pass the Hash 2m
- Clickjacking 2m
- Session Hijacking 1m
- Typo Squatting and URL Hijacking 2m
- Shimming 1m
- Refactoring 1m
- IP/MAC Spoofing 1m
- Replay Attacks (Wireless) 2m
- IV Attack 3m
- Rogue Access Points 3m
- WPS Attacks 3m
- Bluejacking and Bluesnarfing 3m
- NFC Attacks 2m
- Radio Frequency Identification (RFID) 1m
- Dissociation 1m
- Password, Brute Force, and Dictionary Attacks 3m
- Birthday Attack 3m
- Rainbow Tables 2m
- Collision Attack 1m
- Downgrade Attack 1m
- Known Plain Text / Ciphertext 1m
- Weak Implementations and Module Review 2m
- Module Overview 1m
- Penetration Testing 1m
- Steps of a Penetration Test 2m
- Types of Reconnaissance Including Active and Passive 3m
- Pivoting 2m
- Initial Exploitation 2m
- Persistence 1m
- Escalation of Privilege 1m
- Methods of Privilege Escalation 2m
- Black Box, White Box, and Grey Box Testing 1m
- Pen Testing vs. Vulnerability Scanning 2m
- Red vs. Blue Teams 2m
- Module Review 1m
- Module Overview 1m
- Impact Assessment 1m
- Race Conditions 2m
- Time of Check and Time of Check to Time of Use 1m
- Support/Lifecycle Vulnerabilities 4m
- Impact of Vulnerabilities 2m
- Secure Coding Concepts 4m
- Misconfiguration/Weak Configuration 1m
- Default Configuration 1m
- Resource Exhaustion 2m
- Untrained Users 2m
- Shared Accounts (Improperly Configured) 1m
- Vulnerable Business Processes 2m
- Weak Cipher Suites and Implementations 2m
- Memory Leaks 2m
- Integer Overflow 1m
- Pointer Dereference 1m
- DLL Injection 2m
- System Sprawl/Undocumented Assets 1m
- Architecture/Design Weaknesses 2m
- New Threats/Zero Days 2m
- Improper Certificate and Key Management 1m
- Module Review 1m
About the author
Chris is a professional information technologist, trainer, manager and lifelong learner. He is married with 3 beautiful children and interested in martial arts, working out, spending time with family and friends and being creative whenever possible. He has created a number of IT Certification training courses over the past 10 years and really enjoys helping people advance their careers through training and personal development.