CompTIA Security+ SY0-701

Most applications perform multiple transactions and processes at the same time. In this video, you’ll learn how attackers can take advantage of this characteristic with a race condition. << Previous Video: Buffer Overflows Next Video: Malicious Updates >> A race condition is when two events happen at nearly the same time with an application, and […]

A poorly written application can be a useful vector for an attacker. In this video, you’ll learn how buffer overflows can be used to gain access to a remote system. << Previous Video: Memory Injections Next Video: Race Conditions >> A buffer overflow attack is one, where an attacker can write more than what is

Attackers can manipulate information in RAM to gain elevated access. In this video, you’ll learn how memory and DLL injections are used in an attack. << Previous Video: Other Social Engineering Attacks Next Video: Buffer Overflows >> The software that runs on your computer all runs inside of memory. Nothing executes on your computer unless

Attackers use many techniques to gain access to our systems. In this video, you’ll learn about misinformation campaigns and brand impersonation. << Previous Video: Watering Hole Attacks Next Video: Memory Injections >> One very effective social engineering technique is to disseminate incorrect information to others. Unlike something that’s a difference of opinion, misinformation and disinformation

If can attacker can’t get into your network, then they’ll wait for you to come out. In this video, you’ll learn how watering hole attacks can be used to attack a company outside of their own network. << Previous Video: Impersonation Next Video: Other Social Engineering Attacks >> In previous videos, we’ve talked about how

Attackers use impersonation to make themselves appear to be someone different. In this video, you’ll learn about some of the most popular impersonation and fraud-based attacks. << Previous Video: Phishing Next Video: Watering Hole Attacks >> Let’s step through a number of different phone calls that have been received by individuals with this particular pretext.

Phishing continues to be a popular method of network infiltration. In this video, you’ll learn about different phishing techniques, and I’ll demonstrate a real-world example from my email inbox. << Previous Video: Common Threat Vectors Next Video: Impersonation >> Phishing is a term we use to describe social engineering that uses a number of different

Attackers can use many different methods to gain access to a system. In this video, you’ll learn how messages, images, files, default credentials, and more can be used as threat vectors. << Previous Video: Threat Actors Next Video: Phishing >> A threat vector is the method that an attacker uses to gain access to your

There are many different types of attackers. In this video, you’ll learn about threat actors from nation states, organized crime, shadow IT, and others. << Previous Video: Certificates Next Video: Common Threat Vectors >> A threat actor is an entity that is the cause of an event that affects the security of others. We often

We use certificates to provide trust when accessing other devices or services. In this video, you’ll learn about digital certificates, certificate signing requests, key revocation, OCSP stapling, and more. << Previous Video: Blockchain Technology Next Video: Threat Actors >> A digital certificate is a file that contains both a public key and a digital signature.