CompTIA SY0-701: Threats,Vulnerabilities & Mitigations-Vol 2

سرفصل های دوره

Tackling Threats, Vulnerabilities, and Their Mitigations

1. Introduction

1. Course Introduction

2. Compare & Contrast Common threat actors and their Motivations

1. Nation State Threat Actors

2. Unskilled Attackers

3. Hactivists

4. Insider Threats

5. Organized Crime

6. Shadow IT

7. Quiz Understanding Cyber Threat Actors.html

8. Attributes of Threat Actors

9. Internal & External Threat Actors

10. Resources and Funding

11. Sophistication & Capabilities

12. Quiz - Attributes of Threat Actors.html

13. Threat Actors Motivations

14. Data Exfilteration

15. Espionage

16. Service Distruptions

17. Blackmail

18. Financial Gains

19. Philosophical and political beliefs

20. Ethical Motivations

21. Revenge

22. Disruption Chaos

23. Warfare

24. Chapter Summary

25. Motivations - Quiz.html

3. Explain Common Threat Vectors and attack Surfaces

1. Chapter Introduction

2. Message Based (Email, SMS and IM ) Threat Vectors

3. File based - Steganography

4. File based - Image Based

5. File based - Malicious QR Codes

6. File Based - DeepFakes and Misinformation

7. Voice call based Attacks

8. Removable devices

9. Vulnerable Software - Agent Based

10. Vulnerable Software - Agentless

11. Unsupported systems and applications

12. Unsecure Networks - Wireless - Case Studies

13. Unsecure Networks - WIRED

14. Unsecure Networks - Bluetooth

15. Open Service Ports

16. Default Credentials

17. High profile supply chain attacks

18. Human Vectors and Social Engineering

19. What is Phishing

20. Variants of Phishing

21. Vishing

22. SPAM

23. Dumpster Diving

24. Shoulder Surfing

25. Pharming

26. Tailgating

27. Hoaxes

28. Prepending

29. Impersonation

30. Identity Fraud

31. Invoice Scams

32. Credential Harvesting

33. Watering Hole Attacks

34. Typo Squatting URL Hijacking

35. Hybrid Warefare

36. Social Media and Influence Campaigns

37. Authority & Intimidation

38. Consensus and Social proof

39. Familiarity and Liking

40. Trust

41. Scarcity Urgency

42. Social Engineering - Summary

43. Milestone Check - 2.html

4. Explain various types of vulnerabilities

1. Introduction

2. Application Vulnerability - Memory Injection

3. Application Vulnerability - Race Conditions - Time of Use

4. The Impact of Application Vulnerabilities

5. Malicious Updates

6. Operating system based vulnerabilities

7. Hardware based vulnerabilities

8. Virtualization - Vulnerabilities

9. Cloud Specific Vulnerabilities

10. Supply Chain Related Vulnerabilities

11. Cryptographic Vulnerabilities

12. Misconfiguration Vulnerabilities

13. Mobile Device Vulnerabilities

14. Mobile Device Vulnerabilities - Side Loading

15. Mobile Device Vulnerabilities - JailBreaking

16. Zero Day Mobile Device Vulnerabilities

5. Given a Scenario, analyze indicators of malicious activity

1. CryptoMalware Ransomware

2. Ransomware Protection

3. Ransomware Protection - Phases

4. Trojan Horse

5. Worms

6. Spyware

7. Bloatware

8. Virus

9. Keyloggers

10. Potentially Unwanted Programs - PUPs

11. Fileless Virus

12. Logic Bomb

13. Root Kits

14. Botnets

15. Backdoors

16. Spraying

17. Brute Force & Dictionary Attacks

18. Known Plain Text Cipher Text

19. Physical Attacks - Brute Force

20. Physical Attacks - What is RFID

21. Physical Attacks - RFID Cloning

22. Physical Attacks - DDOS

23. Physical Attacks - DDOS Attacks - Historical Evidences

24. Environmental Impact on Physical Security

25. Network Attacks - DDOS

26. Network Attacks - DNS

27. Network Attacks - Mitigating DNS attacks

28. Network Attacks - Wireless

29. Network Attacks - Wireless - Mitigation Measures

30. Replay Attacks - Train Station Analogy

31. What is a Replay Attack

32. Network Attacks - On- Path Attacks

33. Network Attacks - Malicious Code

34. Application Attacks - Injection Attacks - Introduction

35. Application Attacks - Command Injection - Theory

36. Application Attacks - Command Line injection Attacks

37. Application Attacks - Command Injection Demo

38. Command-Line Injection (CLI) attacks - The Story of ShellShock

39. Application Attacks - Injection Attacks - XSSCross Site Scripting

40. Application attacks - Injection - LDAP Injection

41. Buffer Overflow attack - Train Station Analogy

42. What is a buffer overflow attack

43. Application Attacks - Credential Replay

44. Detection & Prevention of Credential Replay Attacks

45. Application Attacks - Privilege Escalation

46. What is Application-Level Forgery

47. Application Attacks - Directory Traversal

48. Cryptographic Attacks - Downgrade

49. Cryptographic Attacks - Collision

50. Indicators - Accounts Lockout

51. Indicators of Malicious Activity - Current Session Usage

52. Indicators of Malicious Activity - Blocked Content

53. Indicators of Malicious Activity - Impossible Time Travel

54. Indicators of Malicious Activity - Resource Consumption

55. Indicators of Malicious Activity - Resource inaccessibility

56. Indicators of Malicious Activity - Out-of-Cycle Logging

57. Indicators of Malicious Activity - Published Documented Indicators

58. Indicators of Malicious Activity - Logging

59. Milestone Check.html

6. Explain the purpose of mitigation techniques used to secure the enterprise

1. Segmentation

2. ACLs and Permissions

3. Application Allow Listing

4. Isolation

5. Patching

6. Encryption

7. Monitoring

8. Least Privileage

9. Configuration Enforcement

10. Decommissioning

11. Hardening Techniques - Introduction

12. Hardening Techniques -Encryption

13. Encryption Architecture Diagram

14. Hardening- Installation of endpoint Protection

15. Hardening -Host based Firewalls

16. HIPS

17. Disabling of ports and protocols

18. Default Passwords

19. Removal of unneccessary software

20. Module Summary

21. Milestone Check.html

45,900 تومان

خرید اشتراک افزودن به سبد خرید

خرید دانلودی فوری

در این روش نیاز به افزودن محصول به سبد خرید و تکمیل اطلاعات نیست و شما پس از وارد کردن ایمیل خود و طی کردن مراحل پرداخت لینک های دریافت محصولات را در ایمیل خود دریافت خواهید کرد.

تولید کننده: Udemy