Transcription
CompTIASecurity 01Attacks, Threats, andVulnerabilitiesSTUDY PLAN
MAALINKA 1AADINFORMATION SECURITY ROLES1. Information Security2. Cybersecurity Framework3. Information Security Competencies4. Information Security Roles and Responsibilities5. Information Security Business Units6. Questions 01: Security Roles and Security ControlsMAALINKA 2AADSECURITY CONTROL AND FRAMEWORK TYPES1. Security Control Categories2. Security Control Functional Types3. NIST Cybersecurity Framework4. ISO and Cloud Frameworks5. Benchmarks and Secure Configuration Guides6. Regulations, Standards, and LegislationMAALINKA 3AADTHREAT ACTOR TYPES AND ATTACK VECTORS1. Vulnerability, Threat, and Risk2. Attributes of Threat Actors3. Hackers, Script Kiddies, and Hacktivists4. State Actors and Advanced Persistent Threats5. Criminal Syndicates and Competitors6. Insider Threat Actors
7. Attack Surface and Vectors8. Question 02: Threat Actors and Threat IntelligenceMAALINKA 4AADTHREAT INTELLIGENCE SOURCES1. Threat Research Sources2. Threat Intelligence Providers3. TTPs and Indicators of Compromise4. Threat Data Feeds5. Artificial Intelligence and Predictive AnalysisMAALINKA 5AADBUILD CYBERSECURITY LAB1. Building Cybersecurity Lab2. VMware Workstation Pro – Download, Install, and Configure3. DC1 – Installing Windows Server 20164. DC1 – Installing DC and DNS5. MS1 – Installing Windows Server 20166. DC1 – Install Certification Authority (CA)7. MS1 – Installing and Configure DHCP8. MS1 – Installing and Configure IIS Server9. LP1 – Graphical User Interface of Kali Linux10. LP1 – Kali Linux Terminal11. LP1 – Basics Linux Commands12. LX1 – Download and Install CentOS13. PT1 – Download and Install Kali Linux14. RT1-LOCAL, RT2-ISP, RT3-INT VMs – VyOS Linux
MAALINKA 6AADNETWORK RECONNAISSANCE TOOLS1. Ipconfig, ping, and arp2. Route and traceroute3. Use nmap to discover hosts4. Netstat and nslookup5. Reconnaissance and Discovery Tools6. Packet Capture and tcpdump7. Packet Analysis and Wireshark8. Packet Injection and Replay9. Exploitation FrameworksMAALINKA 7AADGENERAL VULNERABILITY TYPES1. Software Vulnerabilities and Patch Management2. Zero-day and Legacy Platform Vulnerabilities3. Weak Host Configurations4. Weak Network Configurations5. Impacts from Vulnerabilities6. Third-Party RisksMAALINKA 8AADVULNERABILITY SCANNING TECHNIQUES1. Security Assessment Frameworks2. Vulnerability Scan Types
3. Common Vulnerabilities and Exposures4. Intrusive versus Non-intrusive Scanning5. Credentialed versus Non-credentialed Scanning6. False Positives, False Negatives, and Log Review7. Configuration Review8. Threat HuntingMAALINKA 9AADPENETRATION TESTING CONCEPTS1. Penetration Testing2. Rules of Engagement3. Exercise Team Types4. Passive and Active Reconnaissance5. Pen Test Attack Life CycleMAALINKA 10AADSOCIAL ENGINEERING TECHNIQUES1. Social Engineering2. Social Engineering Principles3. Impersonation and Trust4. Dumpster Diving and Tailgating5. Identity Fraud and Invoice Scams6. Phishing, Whaling, and Vishing7. Spam, Hoaxes, and Prepending8. Pharming and Credential Harvesting9. Influence Campaigns
MAALINKA 11AADMALWARE-BASED ATTACKS1. Malware Classification2. Computer Viruses3. Computer Worms and Fileless Malware4. Spyware, Adware, and Keyloggers5. Backdoors and Remote Access Trojans6. Rootkits7. Ransomware, Crypto-Malware, and Logic Bombs8. Malware Indicators9. Process Analysis
CompTIA Security 01 Attacks, Threats, and Vulnerabilities STUDY PLAN . MAALINKA 1AAD INFORMATION SECURITY ROLES 1. Information Security 2. Cybersecurity Framework 3. Information Security Competencies 4. Information Security Roles and Responsibilities 5. Information Security Business Units 6. Questions 01: Security Roles and Security Controls .
