CompTIA Security+ Study Guide (SY0-401) Chapter 9: Malware, Vulnerabilities, and Threats.


Chapter 9: Malware, Vulnerabilities, and Threats
- Explain types of malware
- Summarize various types of attacks
- Explain types of application attacks
- Given a scenario, use appropriate tools and techniques to discover security threats and vulnerabilities
- Explain the importance of application security controls and techniques

Understanding Malware
- Spyware
- Adware
- Rootkits
- Trojan Horses
- Logic Bombs
- Backdoors
- Botnets
- Ransomware

Malicious Code: refers to a broad category of software threats to your network and systems, including viruses, Trojan horses, logic bombs, and worms.

Viruses
- A virus is a piece of software designed to infect a computer system.
- A virus, in most cases, tries to accomplish one of two things: render your system inoperable or spread to other systems.

Classifications of Viruses
- Polymorphic: those that change form in order to avoid detection
- Stealth: those that attempt to avoid detection by masking themselves from applications
- Retroviruses: those that attack or bypass the antivirus software installed on a computer
- Multipartite: those that attack your system in multiple ways
- Armored: one that is designed to make itself difficult to detect or analyze
- Companion: one that attaches itself to legitimate programs and then creates a program with a different filename extension
- Phage: one that modifies and alters other programs and databases
- Macro viruses: those that exploit the enhancements made to many application programs, which are used by programmers to expand the capability of applications

Spam: defined as any unwanted, unsolicited email. Not only can the sheer volume of it be irritating, but it can also often open the door to larger problems.

Antivirus Software: an application that is installed on a system to protect it and to scan for viruses as well as worms and Trojan horses.

Common Attacks
- DoS and DDoS Attacks
- Spoofing Attacks
- Pharming Attacks
- Phishing, Spear Phishing, and Vishing Attacks
- Xmas Attacks
- Man-in-the-Middle Attacks
- Replay Attacks
- Smurf Attacks

Password Attacks
- Brute-Force
- Dictionary
- Hybrid
- Birthday
- Rainbow Table

Other Types of Attacks
- Malicious Insider Threats
- Transitive Access
- Client-Side Attacks
- Typo Squatting and URL Hijacking
- Watering Hole Attack

Application Attacks
- Cross-Site Scripting and Forgery
- SQL Injection
- LDAP Injection
- XML Injection
- Directory Traversal/Command Injection
- Buffer Overflow
- Integer Overflow
- Zero-Day Exploits

Application Attacks (cont.)
- Cookies and Attachments
- Locally Shared Objects/Flash Cookies
- Malicious Add-ons
- Session Hijacking
- Header Manipulation
- Arbitrary Code and Remote Code Execution

Five Tasks for Finding Threats
- Passively testing security controls
- Interpreting results
- Identifying vulnerability
- Identifying lack of security controls
- Identifying common misconfigurations

Security Tools
- Vulnerability Scanners
- Honeypots and Honeynets
- Port Scanner
- Banner Grabbing

Risk Calculations/Assessment Types
- Baseline Reporting
- Code Review
- Determine Attack Surface
- Architecture
- Design Review