CompTIA Security+ Study Guide (SY0-401) Chapter 9: Malware, Vulnerabilities, and Threats.


1 CompTIA Security+ Study Guide (SY0-401) Chapter 9: Malware, Vulnerabilities, and Threats

2 Chapter 9: Malware, Vulnerabilities, and Threats
- Explain types of malware
- Summarize various types of attacks
- Explain types of application attacks
- Given a scenario, use appropriate tools and techniques to discover security threats and vulnerabilities
- Explain the importance of application security controls and techniques

3 Understanding Malware
- Spyware
- Adware
- Rootkits
- Trojan Horses
- Logic Bombs
- Backdoors
- Botnets
- Ransomware

4 Malicious Code – refers to a broad category of software threats to your network and systems, including viruses, Trojan horses, logic bombs, and worms.
Viruses
– a piece of software designed to infect a computer system.
– a virus, in most cases, tries to accomplish one of two things: render your system inoperable or spread to other systems.

5 Classifications of Viruses
- Polymorphic—those that change form in order to avoid detection
- Stealth—those that attempt to avoid detection by masking themselves from applications
- Retroviruses—attacks or bypasses the antivirus software installed on a computer
- Multipartite—attacks your system in multiple ways
- Armored—one that is designed to make itself difficult to detect or analyze
- Companion—attaches itself to legitimate programs and then creates a program with a different filename extension
- Phage—one that modifies and alters other programs and databases
- Macro viruses—those that exploit the enhancements made to many application programs, which are used by programmers to expand the capability of applications

6 Chapter 9: Malware, Vulnerabilities, and Threats
Spam – defined as any unwanted, unsolicited email, and not only can the sheer volume of it be irritating, but it can also often open the door to larger problems.
Antivirus Software: Antivirus software is an application that is installed on a system to protect it and to scan for viruses as well as worms and Trojan horses.

7 Common Attacks
- DoS and DDoS Attacks
- Spoofing Attacks
- Pharming Attacks
- Phishing, Spear Phishing, and Vishing Attacks
- Xmas Attacks
- Man-in-the-Middle Attacks
- Replay Attacks
- Smurf Attacks

8 Password Attacks
- Brute-Force
- Dictionary
- Hybrid
- Birthday
- Rainbow Table

9 Other Types of Attacks
- Malicious Insider Threats
- Transitive Access
- Client-Side Attacks
- Typo Squatting and URL Hijacking
- Watering Hole Attack

10 Application Attacks
- Cross-Site Scripting and Forgery
- SQL Injection
- LDAP Injection
- XML Injection
- Directory Traversal/Command Injection
- Buffer Overflow
- Integer Overflow
- Zero-Day Exploits

11 Application Attacks (cont.)
- Cookies and Attachments
- Locally Shared Objects/Flash Cookies
- Malicious Add-ons
- Session Hijacking
- Header Manipulation
- Arbitrary code and Remote Code Execution

12 Five Tasks for Finding Threats
- Passively testing security controls
- Interpreting results
- Identifying vulnerability
- Identifying lack of security controls
- Identifying common misconfigurations

13 Security Tools
- Vulnerability Scanners
- Honeypots and Honeynets
- Port Scanner
- Banner Grabbing

14 Risk Calculations/Assessment Types
- Baseline Reporting
- Code Review
- Determine Attack Surface
- Architecture Design Review

