Read pages 253 -292 taking notes |
Complete all 62 review questions |
Any review questions that are wrong or missing then go back into the chapter and read those areas |
Action – Videos Professor Messer |
https://www.professormesser.com/security-plus/sy0-601/sy0-601-video/sy0-601-comptia-security-plus-course/
Social Engineering
- Phishing
- Impersonating
- Dumpster Diving
- Shoulder Surfing
- Hoaxes
- Influence Campaigns
Other Social Engineering Attacks
- Attack Types
- Viruses and Worms
- Trojans and RATS
- Rootkits
- Spyware
- Bots and Botnets
- Logic Bombs
- Password Attacks
- Physical Attacks
- Adversarial Artificial Intelligence
- Supply Chain Attacks
- Cryptographic Attacks
- Cross-Site Scripting
- Injection Attacks
- Buffer Overflow
- Replay Attacks
- Request Forgeries
- Driver Manipulation
- SSL Stripping
- Race Conditions
- Other Application Attacks
- Network Attacks
- RFID and NFC Attacks
- On-Path Attacks
- MAC Flooding and Cloning
- DNS Attacks
- Denial of Service
- Malicious Scripts
1.5 Threat Actors and Vectors
- Threat Actors
- Attack Vectors
- Threat Intelligence
- Threat Research
|
Action – Lab Exercises (optional) 101 Labs
4 – Create a Dictionary Attack to Crack Online Passwords using Hydra
39 – Manual SQL Injection
62 – Cracking Basic Hashes with John the Ripper
CompTIA Security+ – 101Labs.net
Ian’s Website
Labs
PBQ – Attacks
Labs | Ian Neil’s Security+ Study Materials (securityplus.training)
|
|
Identify all attacks, the following are more important:
Polymorphic Virus
Worm
RAT
Pass the Hash
Logic Bomb
SQL Injection
CSRF/XSS
Buffer Overflow
Backdoor
Social Engineering
- Whaling
- PhishingD
- Spear Phishing
- Vishing
- SMiShing
- Identity Theft
- Tailgating
- Reconnaissance
Watering Hole Attack
Shadow IT
Threat Actors
Password Attacks
- Dictionary
- Brute Force
- Password Spraying
Directory Traversal
Session Replay
Physical Attacks
On-Path Attacks
DDoS/DoS
Zero Day Virus
DNS Poisoning/ARP Poisoning
MAC Flooding/Spoofing
Privilege Escalation
SSL Stripping
Resource Exhaustion
Shimming/Refactoring
Cryptographic Attacks
Supply Chain
Impact of Legacy Systems
Videos
Malicious USB Cable
Malicious USB Drive
DDoS Attack on Facebook
What’s Your Password?
How Private is Your Information
Bug Bounty Starter
Remote Jeep Attack
Exam Preparation | Ian Neil’s Security+ Study Materials (securityplus.training)
Default Passwords
Search for BT and Verizon
Default Passwords | CIRT.net
Security Cameras
https://www.a1securitycameras.com/blog/default-username-passwords-ip-addresses-for-surveillance-cameras/#How_can_A1_Security_Cameras_help_you
|