Attacks, Threats, and Vulnerabilities for CompTIA Security+

Focused View

Christopher Rees

5:07:05

68 View

1. Course Overview

1. Course Overview.mp4

01:43

2. Comparing Different Types of Social Engineering Techniques

01. Module Overview.mp4

01:36

02. What Is Social Engineering-.mp4

01:46

03. Phishing.mp4

01:53

04. Types of Phishing.mp4

03:46

05. Vishing.mp4

02:36

06. SPAM.mp4

02:59

07. Dumpter Diving.mp4

01:11

08. Shoulder Surfing.mp4

02:37

09. Pharming.mp4

02:27

10. Tailgating.mp4

02:20

11. Hoaxes.mp4

03:10

12. Prepending.mp4

01:44

13. Impersonation.mp4

01:10

14. Identity Fraud.mp4

01:12

15. Invoice Scam.mp4

01:28

16. Credential Harvesting.mp4

02:30

17. Watering Hole Attack.mp4

01:49

18. Typo Squatting - URL Hijacking.mp4

02:18

19. Hybrid Warfare.mp4

02:52

20. Social Media and Influence Campaigns.mp4

01:12

21. Reasons for Effectiveness - Authority and Intimidation.mp4

01:51

22. Consensus and Social Proof.mp4

00:50

23. Familiarity - Liking.mp4

00:47

24. Trust.mp4

00:44

25. Scarcity - Urgency.mp4

00:32

26. Module Review.mp4

00:57

3. Analyzing Malware and Other Attacks

01. Module Overview.mp4

00:44

02. Indicators of Compromise (IOC).mp4

02:12

03. Virus.mp4

02:52

04. Crypto-malware - Ransomware.mp4

02:16

05. Trojan.mp4

03:50

06. Worms.mp4

00:50

07. Potentially Unwanted Programs (PUP).mp4

01:41

08. Fileless Virus.mp4

02:14

09. Botnets.mp4

02:35

10. Logic Bomb.mp4

01:13

11. Spyware.mp4

01:41

12. Keylogger.mp4

00:58

13. Rootkits.mp4

01:20

14. Backdoors.mp4

01:27

15. Spraying.mp4

01:18

16. Brute Force and Dictionary Attacks.mp4

02:07

17. Rainbow Tables.mp4

01:54

18. Known Plain Text - Ciphertext.mp4

00:52

19. Birthday Attack.mp4

02:27

20. Downgrade Attack.mp4

00:56

21. Physical Attacks, Malicious USB, and Skimming.mp4

03:56

22. Adversarial Artificial Intelligence (AI).mp4

01:57

23. Supply Chain Attacks.mp4

02:14

24. Supply Chain Attack Example.mp4

01:26

25. Cloud-Based vs. On-prem Attacks.mp4

03:26

26. Module Review.mp4

00:35

4. Recognizing Application Attacks

01. Module Overview.mp4

00:41

02. Privilege Escalation.mp4

02:18

03. Cross Site Scripting (XSS).mp4

02:54

04. SQL Injection.mp4

01:16

05. DLL Injection.mp4

01:57

06. LDAP Injection.mp4

00:43

07. XML Injection.mp4

01:11

08. Pointer Dereference.mp4

01:20

09. Directory Traversal - Command Injection.mp4

01:38

10. Buffer Overflow.mp4

01:05

11. Race Conditions.mp4

01:37

12. Time of Check.mp4

01:14

13. Secure Coding Concepts, Error Handling, and Input Validation.mp4

04:27

14. Replay Attacks.mp4

01:03

15. Integer Overflow.mp4

01:07

16. Cross Site Request Forgery (XSRF).mp4

02:32

17. API Attacks.mp4

02:03

18. Resource Exhaustion.mp4

01:52

19. Memory Leak.mp4

01:41

20. SSL Stripping.mp4

02:06

21. Shimming.mp4

01:05

22. Refactoring.mp4

00:59

23. Pass the Hash.mp4

01:56

24. Module Review.mp4

00:29

5. Identifying Network Attacks

01. Module Overview.mp4

00:44

02. Rogue Access Points and Evil Twin.mp4

03:21

03. Bluejack and Bluesnarfing.mp4

03:16

04. Dissociation.mp4

01:23

05. Jamming.mp4

01:04

06. RFID.mp4

01:08

07. Near Field Communication (NFC).mp4

01:27

08. IV Attack.mp4

03:03

09. On-path Attacks (Formerly MiTM).mp4

00:57

10. On-path Attacks (Formerly MiTB).mp4

02:30

11. ARP Poisoning.mp4

01:24

12. IP-MAC Spoofing.mp4

00:51

13. MAC Flooding.mp4

02:09

14. MAC Cloning.mp4

01:55

15. DNS Poisoning.mp4

01:03

16. Typo Squatting - URL Hijacking.mp4

02:19

17. Distributed Denial of Service (DDoS).mp4

02:16

18. Smurf Attack (Amplification).mp4

02:59

19. DDoS Attack Vectors.mp4

01:05

20. Malicious Code Execution.mp4

01:58

6. Distinguishing Threat Actors, Vectors, and Intelligence Sources

01. Module Review.mp4

01:07

02. Script Kiddies.mp4

00:59

03. Hacktivists.mp4

00:59

04. Organized Crime.mp4

01:12

05. Nation States - APT.mp4

01:18

06. Insiders.mp4

01:26

07. Competitors.mp4

01:25

08. Threat Actor Attributes.mp4

00:38

09. Attack Vectors.mp4

07:33

10. Use of Open Source Intelligence.mp4

02:32

11. Closed - Proprietary Intelligence.mp4

00:44

12. Vulnerability Databases.mp4

01:30

13. Public and Private Information Sharing.mp4

01:16

14. Dark Web.mp4

02:21

15. Indicators of Compromise (IOC).mp4

01:42

16. Automate Indicator Sharing (AIS).mp4

01:04

17. TAXII Layout.mp4

01:01

18. MITRE.mp4

02:26

19. Gathering and Correlating Information.mp4

01:57

20. Predictive Analysis.mp4

01:06

21. Threat Maps.mp4

00:43

22. Live Cyber Threat Map.mp4

00:40

23. File - Code Repositories.mp4

01:29

24. Research Sources.mp4

03:05

7. Understanding Vulnerabilities and Security Risks

01. Module Overview.mp4

00:53

02. Cloud-based vs. On-premise.mp4

02:43

03. New Threats - Zero Days.mp4

02:00

04. Mis-configuration - Weak Configuration.mp4

01:13

05. Shared Accounts (Improperly Configured).mp4

01:15

06. Weak Configuration Considerations.mp4

02:36

07. Weak Cipher Suites and Implementations.mp4

01:56

08. Improper Certificate and Key Management.mp4

01:22

09. Secure Protocols.mp4

03:06

10. Default Configurations.mp4

01:18

11. Third-party Risks.mp4

02:35

12. Vendor Management.mp4

01:55

13. Vulnerable Business Processes.mp4

00:42

14. Outsourced Code Mangement.mp4

01:04

15. Improper or Weak Patch Management.mp4

02:24

16. Legacy Platforms.mp4

01:43

17. Impact Areas.mp4

01:48

18. Effects of Impacts.mp4

01:52

8. Defining Security Assessment Techniques

01. Module Overview.mp4

00:58

02. Specific Types of Threats.mp4

00:48

03. What Is Cyber Threat Intelligence-.mp4

01:27

04. Importance of Cyber Threat Intelligence.mp4

00:52

05. Threat Intelligence Classification.mp4

01:44

06. Strategic, Operational, and Tactical Intelligence.mp4

01:17

07. Gathering and Correlating Information.mp4

02:06

08. Stages of Risk Management.mp4

02:57

09. Risk Management Data Sources.mp4

02:27

10. Vulnerability Scanning.mp4

00:46

11. False Positive.mp4

00:51

12. False Positive Audits.mp4

00:37

13. False Negatives.mp4

00:42

14. Intrusive vs. Non-intrusive.mp4

00:31

15. Passively Test Security Controls.mp4

00:39

16. Credentialed vs. Non-credentialed.mp4

02:21

17. Identify Vulnerabilities and Lack of Security Controls.mp4

01:40

18. Identify Common Misconfigurations.mp4

01:45

19. Things to Remember.mp4

02:24

20. Common Vulnerabilities and Exposures (CVE).mp4

03:05

21. CVSS.mp4

01:44

22. Security Information and Event Management (SEIM).mp4

01:57

23. Security Orchestration, Automation, and Response.mp4

01:56

9. Defining Penetration Testing

01. Module Intro.mp4

00:34

02. Penetration Testing.mp4

01:04

03. Penetration Testing Steps.mp4

02:27

04. Known, Unknown, and Partially Known Environments.mp4

00:54

05. Rules of Engagement.mp4

01:42

06. Lateral Movement.mp4

01:16

07. Escalation of Privilege.mp4

00:39

08. Methods of Privilege Escalation.mp4

01:31

09. Persistence.mp4

00:36

10. Cleanup.mp4

01:15

11. Bug Bounty.mp4

01:26

12. Pivoting.mp4

02:05

13. Types of Reconnaissance.mp4

02:31

14. War Flying.mp4

01:15

15. War Driving.mp4

01:18

16. Red, Blue, Purple, and White Security Teams.mp4

02:08

17. Module Review.mp4

01:05

Description

This course will teach you the fundamentals and key concepts around the threats, attacks, and vulnerabilities your organization is likely to face. More importantly you’re learn how to mitigate those risks and protect your organization.

What You'll Learn?

In this course, you’ll learn about the various threats faced by social engineering techniques like phishing, pharming, and identity fraud. First, you’ll learn about potential indicators of compromise used to determine the types of attack to systems, applications, and networks. Next, you’ll discover the various intelligence sources used to identify and combat these threats. Finally, you’ll become familiar with various penetration testing tools and techniques. When you’re finished with this course, you’ll have the skills and knowledge needed to pass the Threats, Attacks, and Vulnerabilities section of Security+, along with the skills needed to help protect your company from attacks both internal and external.

More details

User Reviews

Rating

average 0

Total votes0

Focused display

CompTIA Security+

Christopher Rees

Instructor's Courses

Chris is a professional information technologist, trainer, manager and lifelong learner. He is married with 3 beautiful children and interested in martial arts, working out, spending time with family and friends and being creative whenever possible. He has created a number of IT Certification training courses over the past 10 years and really enjoys helping people advance their careers through training and personal development.

Pluralsight

View courses Pluralsight

Pluralsight, LLC is an American privately held online education company that offers a variety of video training courses for software developers, IT administrators, and creative professionals through its website. Founded in 2004 by Aaron Skonnard, Keith Brown, Fritz Onion, and Bill Williams, the company has its headquarters in Farmington, Utah. As of July 2018, it uses more than 1,400 subject-matter experts as authors, and offers more than 7,000 courses in its catalog. Since first moving its courses online in 2007, the company has expanded, developing a full enterprise platform, and adding skills assessment modules.