Threats, threat actors and vulnerabilities Course
4 hours, 7 minutes
Syllabus
Malware
Video - 00:20:00
Overview of various types of malware and strategies for their identification, prevention, and mitigation.
Attack types - social engineering
Video - 00:08:00
Discover various social engineering techniques: Phishing, tricking users via electronic communication; Vishing, its voice-based counterpart using the telephone system; Pretexting, fabricating scenarios to steal data or influence actions; Tailgating, gaining unauthorized access by following authorized personnel; and Baiting, enticing end users for login information or private data.
Attack types - File based
Video - 00:36:00
Examine the landscape of malware threats, including file-based and fileless types, targeting vulnerabilities in software, networks, and default credentials.
Attack types - Supply Chain
Video - 00:05:00
Explore the dynamics of the supply chain ecosystem, including the roles of Managed Service Providers (MSPs), vendors, and suppliers.
Attack types - Physical
Video - 00:22:00
Explore physical attack types such as malicious USB, flash drives, card cloning, and skimming for enhanced security awareness.
Attack types - Network
Video - 00:20:00
Explore various network attack types, including network, on-path, ARC poisoning, and DNS poisoning.
Attack types - Application and service attacks
Video - 00:21:00
Application and password attacks target software and user credentials. SQL injection involves inserting malicious SQL code into queries, brute force attacks attempt to guess passwords through exhaustive trial and error, and password spraying uses a few common passwords against many accounts to avoid triggering lockout mechanisms.
Attack types - Cryptographic attacks
Video - 00:12:00
Discover various cryptographic attacks, including the Birthday Attack, Rainbow Table Attack, and Side-Channel Attack, each exploiting different vulnerabilities to compromise security measures.
Threat actors
Video - 00:33:00
Covers types of cyber attackers, motivations behind attacks such as financial gain, espionage, and personal grievances, insider threats from within organizations, characteristics of external threat actors, and details on advanced persistent threats (APTs) including their sophisticated methods and strategic objectives.
Application and OS vulnerabilities
Video - 00:23:00
Application vulnerabilities include flaws in software that can be exploited by attackers, such as improper input validation and SQL injection.
Web vulnerabilities
Video - 00:25:00
Web vulnerabilities encompass security issues in web applications, such as cross-site scripting (XSS), cross-site request forgery (CSRF), and directory traversal.
Hardware and Mobile Vulnerabilities
Video - 00:22:00
Explore a spectrum of vulnerabilities across various domains, including zero-day, application, OS, web, hardware, virtualization, supply chain, cryptographic, and mobile devices.
Unlock 7 days of free training
- 1,400+ hands-on courses and labs
- Certification practice exams
- Skill assessments
Plans & pricing
Infosec Skills Personal
$299 / year
- 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Custom certification practice exams (e.g., CISSP, Security+)
- Skill assessments
- Infosec peer community support
Infosec Skills Teams
$799 per license / year
- Team administration and reporting
- Dedicated client success manager
-
Single sign-on (SSO)
Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
-
Integrations via API
Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
- 190+ role-guided learning paths and assessments (e.g., Incident Response)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Create and assign custom learning paths
- Custom certification practice exams (e.g., CISSP, CISA)
- Optional upgrade: Guarantee team certification with live boot camps
Learn about scholarships and financing with
Award-winning training you can trust
