It is crucial that you be able to recognize various application and network attacks and be able to protect your infrastructure from them. In this course, you'll learn to analyze different application attacks such as privilege escalation, cross-site scripting, request forgery, injection, code, and APIs. You'll also look at other attacks like SSL stripping, pass the hash, and driver manipulation. Then, you'll move on to explore a variety of network attacks, including wireless, man-in-the-middle, Layer 2, DNS, DDoS, and malicious code or script execution. This course can be used in preparation for the CompTIA Security+ SY0-601 certification exam.
describe privilege escalation and elevation techniques that exploit poor least privilege policies
describe and compare cross-site scripting and cross-site request forgery, which are now the most common attacks against web services
describe different injection attacks against SQL, DLLs, LDAP, and XML
recognize a variety of coding attacks like pointer/object dereference, directory traversal, buffer overflows, and race conditions
describe API attacks, the most common being against login credentials and authentication
describe secure sockets layer stripping against web servers and pass the hash attacks against older version of Windows operating systems, which are still common in IoT and embedded devices
define device driver manipulation in Windows and *nix systems including shimming and refactoring
describe wireless attacks like evil twin, rogue access points, disassociation, and jamming
define exploits where the attacker secretly relays and possibly alters communications between two parties who assume they are communicating with each other
describe Layer 2 attacks such as ARP poisoning, MAC flooding, and MAC cloning
define DNS attacks such as domain hijacking, DNS poisoning, and URL redirection
describe DDoS attacks against the network, applications, and operational technology
recognize malicious code or script execution targeting PowerShell, Python, Bash shells, macros, and Visual Basic for Applications