Network+/Security/Threats

This lesson covers threats and vulnerabilities.

Objectives and Skills

edit

Objectives and skills for the threats and vulnerabilities portion of Network+ certification include:[1]

  • Compare and contrast common network vulnerabilities and threats
    • Attacks/threats
      • Denial of service
        • Distributed DoS
          • Botnet
          • Traffic spike
          • Coordinated attack
        • Reflective/amplified
          • DNS
          • NTP
          • Smurfing
        • Friendly/unintentional DoS
        • Physical attack
          • Permanent DoS
      • ARP cache poisoning
      • Packet/protocol abuse
      • Spoofing
      • Wireless
        • Evil twin
        • Rogue AP
        • War driving
        • War chalking
        • Bluejacking
        • Bluesnarfing
        • WPA/WEP/WPS attacks
      • Brute force
      • Session hijacking
      • Social engineering
      • Man-in-the-middle
      • VLAN hopping
      • Compromised system
      • Effect of malware on the network
      • Insider threat/malicious employee
      • Zero day attacks
    • Vulnerabilities
      • Unnecessary running services
      • Open ports
      • Unpatched/legacy systems
      • Unencrypted channels
      • Clear text credentials
      • Unsecure protocols
        • TELNET
        • HTTP
        • SLIP
        • FTP
        • TFTP
        • SNMPv1 and SNMPv2
      • TEMPEST/RF emanation

Readings

edit

Multimedia

edit
  1. Watch YouTube: Denial of Service - CompTIA Network+ N10-006 - 3.2.
  2. Watch YouTube: Wireless Network Attacks - CompTIA Network+ N10-006 - 3.2.
  3. Watch YouTube: Wireless Protocol Attacks - CompTIA Network+ N10-006 - 3.2.
  4. Watch YouTube: Brute Force Attacks - CompTIA Network+ N10-006 - 3.2.
  5. Watch YouTube: Session Hijacking - CompTIA Network+ N10-006 - 3.2.
  6. Watch YouTube: Social Engineering - CompTIA Network+ N10-006 - 3.2.
  7. Watch YouTube: Man in the Middle Attacks - CompTIA Network+ N10-006 - 3.2.
  8. Watch YouTube: VLAN Hopping - CompTIA Network+ N10-006 - 3.2.
  9. Watch YouTube: Compromised Systems - CompTIA Network+ N10-006 - 3.2.
  10. Watch YouTube: Insider Threats - CompTIA Network+ N10-006 - 3.2.
  11. Watch YouTube: Zero-day Attacks - CompTIA Network+ N10-006 - 3.2.
  12. Watch YouTube: Operating System Vulnerabilities - CompTIA Network+ N10-006 - 3.2.

Activities

edit

References

edit