SY0-601 - CompTIA Security+: Social Engineering Techniques & Attack Types


Overview/Description
Expected Duration
Lesson Objectives
Course Number
Expertise Level


Overview/Description

Common attack types social engineers use target victims using a long list of examples such as phishing, smishing, vishing, pretexting, pharming, tailgaiting, and shoulder surfing. In this course, you'll learn about various social engineering techniques including types of phishing, hoaxes, and intelligence gathering. Then you'll move on to examine influence campaigns and the reasons for social engineering effectiveness. Next, you'll learn about malware attacks including password attacks, physical attacks, supply-chain, and cryptographic attacks. Finally, you'll explore adversarial AI, and cloud-based vs. on-premise attacks. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.



Expected Duration (hours)
1.2

Lesson Objectives

SY0-601 - CompTIA Security+: Social Engineering Techniques & Attack Types

  • discover the key concepts covered in this course
  • define different phishing attacks including spear phishing and whaling
  • describe spam and its variants such as spim
  • describe dumpster diving, shoulder surfing, pharming, and other exploits
  • define types of scams, fraud, and hoaxes
  • describe influence campaigns and disinformation initiatives
  • describe reasons for effectiveness such as authority, intimidation, and scarcity
  • describe various common malware attacks like viruses and worms
  • recognize additional more complex malware attack types like fileless viruses, command and control bots, and crypto malware
  • describe password attacks such as spraying, dictionary, and brute force
  • describe physical attacks like malicious flash drives, card cloning, and skimming
  • define adversarial AI as in tainted training data for machine learning
  • describe damage done to organizations by targeting less-secure elements in the supply network
  • compare cloud-based service provider malware attacks to on-premise attacks on the data center or enterprise edge
  • describe cryptographic attacks such as birthday, collision, and downgrade
  • summarize the key concepts covered in this course

    • Course Number:
    it_cssecp2020_01_enus

    Expertise Level
    Intermediate