Welcome to this review of the Pluralsight course CompTIA Security+ Threats and Vulnerabilities by Chris Rees

This course discusses the range of malware that threatens your network, both at work and at home. Even if you have no interest in becoming a security professional, the material in this course could arm you with the knowledge to protect your computers from a variety of nasty infections.

This is another long course. Not as long as the previous course on Compliance and Operational Security, but it does contain eight different modules. These are:

Types of Malware
Explaining Viruses, Spyware, Trojans and Remote Access Tools, Rootkits, Backdoors, Logic Bombs, Botnets, Ransomware, Polymorphic Malware and Armored Viruses.

Types of Attacks
Man in the middle, denial of service, spoofing, spam, phishing, spim, vishing, spear phishing, Xmas attack, pharming, privilege escalation, typo squatting, watering hole attacks

Effectiveness of Social Engineering Attacks
This module discusses Shoulder surfing, dumpster diving, tailgating, impersonation, hoaxes, whaling and vishing. It then goes through some principles that explain why people tend to fall victim to social engineering: authority, intimidation, consensus/social proof, familiarity/liking, trust and scarcity/urgency.
I find it interesting that most of these techniques are routinely used by today’s online social networks.

Wireless Attacks
This module talks about Rogue access points, Jamming/Interference, Evil twins, War driving, War chalking, Bluejacking, Bluesnarfing, Initialization Vector (IV) attacks, Packet sniffing, Near field communication, Replay attacks, and WEP/WPA attacks.

There is a mistake in the IV attacks clip. 2^25 is 33,554,432 rather than 281,474,976,710,656, which is 2^48.

Application Attacks

Gives an overview of Cross-site scripting, SQL injection, LDAP injection, XML injection, Directory traversal/command injection, buffer overflow, integer overflow, Zero day, cookies and attachments, locally shared objects, flash cookies, malicious add-ons, session hijacking, header manipulation and arbitrary code execution

Mitigation and Deterrent Techniques

Talks about the various forms of system logs: Event logs, Audit logs, Security logs and Access logs.

It  then covers the hardening of our servers and applications, by disabling unnecessary services, protecting management interfaces and applications, password protection, and disabling unnecessary accounts.

Also covered is Network security: MAC limiting and filtering, 802.1x, disabling unused interfaces and unused application service ports, and rogue machine detection

Furthermore, our security posture is discussed including the initial baseline configuration, continuous security monitoring and remediation.

Reporting (Alarms, Alerts and Trends) is covered and then finally detection and prevention controls (IDS/IPS, cameras and guards).

Discovering Security Threats and Vulnerabilities

Security Assessment Tools, Risk Calculations, Assessment Types and Assessment Techniques

Protocol Analyzers, Vulnerability Scanners, Honeypots and Honeynets, Port Scanners, Passive vs. Active Tools, and Banner Grabbing

Penetration Testing vs. Vulnerability Scanning

Talks about verifying, bypassing, testing and exploiting as a penetration tester.

Covers Vulnerability Scanning including the identification, assessment and remediation or vulnerabilities.

Explains the difference between black box, white box and grey box testing.

Related Courses

This course’s content overlaps with Ethical Hacking: Malware Threats. Watching either of these courses will give you a good understanding of malware, but watching both will give you an even better understanding.

For a much more in depth explanation of Application attacks and how to protect yourself against them, watch Troy Hunt’s Hack Yourself First: How to go on the Cyber-Offense course. Or if you are specifically interested in how SQL Injection attacks are done and how to prevent them, see Ethical Hacking: SQL Injection

Activities to complement this course:

Mentioned in this course is TDSSKiller, a free tool for removing Windows rootkits from Kaspersky. Obviously their are a variety of anti-malware vendors to choose from, but downloading and running this is a reasonable choice which could help protect you.

This course talks briefly about the birthday paradox, a.k.a. birthday problem, about finding how many random people need to be in a room together before two people have the same birthday. It is worth reading up on the mathematics behind this some more. See Wikipedia’s Birthday problem. Chris’s claim that 253 people means 100% probability is not exactly correct, although the probability is very close to 100%. The probability of a group of 200 people containing more than one person with the same birthday is 99.9999999999999999999999999998%

Recommended Speed: 1.2x

Next course: Application, Data, and Host Security