Overview
-
Prepare for the first domain of the CompTIA Security+ (SY0-601) exam, Threats, Attacks, and Vulnerabilities.
Syllabus
-
Introduction
- Threats, attacks, and vulnerabilities
- What you need to know
- Study resources
- Comparing viruses, worms, and Trojans
- Malware payloads
- Understanding backdoors and logic bombs
- Looking at advanced malware
- Understanding botnets
- Malicious script execution
- Cybersecurity adversaries
- Preventing insider threats
- Attack vectors
- Zero days and the advanced persistent threat
- Threat intelligence
- Managing threat indicators
- Intelligence sharing
- Threat research
- Identifying threats
- Automating threat intelligence
- Threat hunting
- Social engineering
- Impersonation attacks
- Identity fraud and pretexting
- Watering hole attacks
- Physical social engineering
- Password attacks
- Password spraying and credential stuffing
- Adversarial artificial intelligence
- Vulnerability impact
- Supply chain vulnerabilities
- Configuration vulnerabilities
- Architectural vulnerabilities
- What is vulnerability management?
- Identify scan targets
- Scan configuration
- Scan perspective
- SCAP (Security Content Automation Protocol)
- CVSS (Common Vulnerability Scoring System)
- Analyzing scan reports
- Correlating scan results
- Penetration testing
- Bug bounty
- Cybersecurity exercises
- Continuing your studies
