

Tackling Threats, Vulnerabilities, and Their Mitigations

What you will learn

Identify and differentiate between various threat actors including nation-states, insiders, hacktivists, and organized criminals.

Analyze the motivations behind cyber attacks ranging from financial gain to espionage and political beliefs.

Explore how attackers exploit different communication mediums like email, SMS, and instant messaging.

Understand the vulnerabilities associated with various technologies including removable devices, unsecured networks, and open service ports.

Dive deep into application, operating system, web, hardware, and cloud-specific vulnerabilities.

Learn about zero-day vulnerabilities, misconfigurations, and the risks involved with legacy and end-of-life systems.

Develop skills to detect and analyze signs of cyber attacks and breaches, preparing for effective incident response.

Master a range of mitigation techniques and best practices to defend against malware, network attacks, application attacks, and more.

Understand the importance of encryption, access control, patching, and other hardening techniques to protect organizational assets.

Description

Cybersecurity threats are becoming more sophisticated, and the need for skilled professionals has never been higher. Whether you’re an aspiring cybersecurity specialist, an IT professional seeking to specialize in security, or a business owner looking to safeguard your digital assets, this course provides the comprehensive insights and practical skills you need to succeed. By the end of this module, you’ll not only be prepared to take the CompTIA Security+ SY0-701 exam but also to implement robust security measures in various professional contexts.




What You Will Learn

  • Understanding Cybersecurity Threat Actors and Motivations: Delve into the psyche and methodologies of various threat actors, including nation-states, insider threats, and hacktivists. Learn to predict potential attacks by understanding their motivations, from financial gain to espionage.
  • Comprehensive Overview of Threat Vectors and Attack Surfaces: Explore the myriad ways cyber attacks can infiltrate systems, from phishing emails and malware-laden attachments to insecure networks and vulnerable software. Understand how to identify and secure potential weaknesses in your organization’s digital armor.
  • In-Depth Analysis of Cybersecurity Vulnerabilities: Gain expert knowledge on the types of vulnerabilities that can exist across applications, operating systems, hardware, and cloud-based systems. Learn about zero-day vulnerabilities, misconfigurations, and the risks associated with legacy systems.
  • Identifying and Analyzing Indicators of Compromise: Master the art of detecting early signs of cyber breaches. Develop skills in analyzing logs, recognizing unusual system behavior, and effectively responding to mitigate damage.
  • Mitigation Techniques to Secure Enterprises: Learn about the latest strategies and tools to defend against and respond to cyber attacks. From implementing robust malware defenses to crafting effective access control and encryption policies, equip yourself with the knowledge to build a comprehensive security framework.

Content

Introduction

Course Introduction

Compare & Contrast Common Threat Actors and Their Motivations

Nation State Threat Actors
Unskilled Attackers
Hacktivists
Insider Threats
Organized Crime
Shadow IT
Quiz: Understanding Cyber Threat Actors
Attributes of Threat Actors
Internal & External Threat Actors
Resources and Funding
Sophistication & Capabilities
Quiz – Attributes of Threat Actors
Threat Actors Motivations
Data Exfiltration
Espionage
Service Disruptions
Blackmail
Financial Gains
Philosophical and political beliefs
Ethical Motivations
Revenge
Disruption / Chaos
Warfare
Chapter Summary
Motivations – Quiz

Explain Common Threat Vectors and Attack Surfaces

Chapter Introduction
Message Based (Email, SMS and IM) Threat Vectors
File based – Steganography
File based – Image Based
File based – Malicious QR Codes
File Based – DeepFakes and Misinformation
Voice call based Attacks
Removable devices
Vulnerable Software – Agent Based
Vulnerable Software – Agentless
Unsupported systems and applications
Unsecure Networks – Wireless – Case Studies
Unsecure Networks – WIRED
Unsecure Networks – Bluetooth
Open Service Ports
Default Credentials
High profile supply chain attacks
Human Vectors and Social Engineering
What is Phishing
Variants of Phishing
Vishing
SPAM
Dumpster Diving
Shoulder Surfing
Pharming
Tailgating
Hoaxes
Prepending
Impersonation
Identity Fraud
Invoice Scams
Credential Harvesting
Watering Hole Attacks
Typo Squatting / URL Hijacking
Hybrid Warfare
Social Media and Influence Campaigns
Authority & Intimidation
Consensus and Social proof
Familiarity and Liking
Trust
Scarcity / Urgency
Social Engineering – Summary
Milestone Check – 2

Explain Various Types of Vulnerabilities

Introduction
Application Vulnerability – Memory Injection
Application Vulnerability – Race Conditions – Time of Use
The Impact of Application Vulnerabilities
Malicious Updates
Operating system based vulnerabilities
Hardware based vulnerabilities
Virtualization – Vulnerabilities
Cloud Specific Vulnerabilities
Supply Chain Related Vulnerabilities
Cryptographic Vulnerabilities
Misconfiguration Vulnerabilities
Mobile Device Vulnerabilities
Mobile Device Vulnerabilities – Side Loading
Mobile Device Vulnerabilities – JailBreaking
Zero Day Mobile Device Vulnerabilities
Milestone Check

Given a Scenario, Analyze Indicators of Malicious Activity

CryptoMalware Ransomware
Ransomware Protection
Ransomware Protection – Phases
Trojan Horse
Worms
Spyware
Bloatware
Virus
Keyloggers
Potentially Unwanted Programs – PUPs
Fileless Virus
Logic Bomb
Root Kits
Botnets
Backdoors
Spraying
Brute Force & Dictionary Attacks
Known Plain Text / Cipher Text
Physical Attacks – Brute Force
Physical Attacks – What is RFID
Physical Attacks – RFID Cloning
Physical Attacks – DDOS
Physical Attacks – DDOS Attacks – Historical Evidence
Environmental Impact on Physical Security
Network Attacks – DDOS
Network Attacks – DNS
Network Attacks – Mitigating DNS attacks
Network Attacks – Wireless
Network Attacks – Wireless – Mitigation Measures
Replay Attacks – Train Station Analogy
What is a Replay Attack?
Network Attacks – On-Path Attacks
Network Attacks – Malicious Code
Milestone Check
Application Attacks – Injection Attacks – Introduction
Application Attacks – Command Injection – Theory
Application Attacks – Command Line injection Attacks
Application Attacks – Command Injection Demo
Command-Line Injection (CLI) attacks – The Story of ShellShock
Application Attacks – Injection Attacks – XSS/Cross Site Scripting
Application attacks – Injection – LDAP Injection
Buffer Overflow attack – Train Station Analogy
What is a buffer overflow attack?
Application Attacks – Credential Replay
Detection & Prevention of Credential Replay Attacks
Application Attacks – Privilege Escalation
What is Application-Level Forgery
Application Attacks – Directory Traversal
Cryptographic Attacks – Downgrade
Cryptographic Attacks – Collision
Milestone Check
Milestone Check
Indicators – Accounts Lockout
Indicators of Malicious Activity – Current Session Usage
Indicators of Malicious Activity – Blocked Content
Indicators of Malicious Activity – Impossible Time Travel
Indicators of Malicious Activity – Resource Consumption
Indicators of Malicious Activity – Resource inaccessibility
Indicators of Malicious Activity – Out-of-Cycle Logging
Indicators of Malicious Activity – Published / Documented Indicators
Indicators of Malicious Activity – Logging
Milestone Check

Explain the Purpose of Mitigation Techniques Used to Secure the Enterprise

Segmentation
ACLs and Permissions
Application Allow Listing
Isolation
Patching
Encryption
Monitoring
Least Privilege
Configuration Enforcement
Decommissioning
Hardening Techniques – Introduction
Hardening Techniques – Encryption
Encryption Architecture Diagram
Hardening – Installation of Endpoint Protection
Hardening – Host-based Firewalls
HIPS
Disabling of ports and protocols
Default Passwords
Removal of Unnecessary Software
Module Summary
Milestone Check