This lesson covers threats and vulnerabilities.
Objectives and Skills
editObjectives and skills for the threats and vulnerabilities portion of Network+ certification include:[1]
- Compare and contrast common network vulnerabilities and threats
- Attacks/threats
- Denial of service
- Distributed DoS
- Botnet
- Traffic spike
- Coordinated attack
- Reflective/amplified
- DNS
- NTP
- Smurfing
- Friendly/unintentional DoS
- Physical attack
- Permanent DoS
- Distributed DoS
- ARP cache poisoning
- Packet/protocol abuse
- Spoofing
- Wireless
- Evil twin
- Rogue AP
- War driving
- War chalking
- Bluejacking
- Bluesnarfing
- WPA/WEP/WPS attacks
- Brute force
- Session hijacking
- Social engineering
- Man-in-the-middle
- VLAN hopping
- Compromised system
- Effect of malware on the network
- Insider threat/malicious employee
- Zero day attacks
- Denial of service
- Vulnerabilities
- Unnecessary running services
- Open ports
- Unpatched/legacy systems
- Unencrypted channels
- Clear text credentials
- Unsecure protocols
- TELNET
- HTTP
- SLIP
- FTP
- TFTP
- SNMPv1 and SNMPv2
- TEMPEST/RF emanation
- Attacks/threats
Readings
editMultimedia
edit- Watch YouTube: Denial of Service - CompTIA Network+ N10-006 - 3.2.
- Watch YouTube: Wireless Network Attacks - CompTIA Network+ N10-006 - 3.2.
- Watch YouTube: Wireless Protocol Attacks - CompTIA Network+ N10-006 - 3.2.
- Watch YouTube: Brute Force Attacks - CompTIA Network+ N10-006 - 3.2.
- Watch YouTube: Session Hijacking - CompTIA Network+ N10-006 - 3.2.
- Watch YouTube: Social Engineering - CompTIA Network+ N10-006 - 3.2.
- Watch YouTube: Man in the Middle Attacks - CompTIA Network+ N10-006 - 3.2.
- Watch YouTube: VLAN Hopping - CompTIA Network+ N10-006 - 3.2.
- Watch YouTube: Compromised Systems - CompTIA Network+ N10-006 - 3.2.
- Watch YouTube: Insider Threats - CompTIA Network+ N10-006 - 3.2.
- Watch YouTube: Zero-day Attacks - CompTIA Network+ N10-006 - 3.2.
- Watch YouTube: Operating System Vulnerabilities - CompTIA Network+ N10-006 - 3.2.