Autoplay
Autocomplete
Previous Lesson
Complete and Continue
CompTIA Security+ (SY0-701) Complete Course
Introduction
CompTIA Security+ (SY0-701) Complete Course & Exam Lab Introduction (11:34)
Basic Security Concepts
What is Security? (2:22)
Privacy-Integrity-Availability (3:15)
Encryption and Access Control (2:54)
3 A Rule (Authentication, Authorization and Accounting) (3:52)
Threat (3:45)
What is a Hacker? (6:27)
What is Attack? What are the Stages? (3:19)
Single Point Of Failure (SPOF) (3:12)
Introducing Basic Risk Concepts (3:22)
Identity Management
KERBEROS & NTLM&LDAP (7:32)
What is Identity Management? (2:14)
Single Sign-On (11:02)
Smart Cards (2:56)
Tokens or Key Fobs (5:20)
Biometric Methods (7:36)
Dual-Factor and Multifactor Authentication (1:37)
PAP / CHAP / MS-CHAP (2:46)
RADIUS (6:26)
Users
Managing Accounts-1 (11:42)
Create a User In Comptia (3:03)
Managing Accounts-2 (9:22)
Passwords (9:18)
Password Policy (9:02)
Comparing Access Control Models
Comparing Access Control Models (2:18)
Role-Based Access Control (3:15)
Establishing Access with Group-Based Privileges (4:42)
Rule Based and Discretionary Access Control (5:39)
Mandatory Access Control (2:46)
Establishing Access Attribute-Based Access Control (6:07)
Virtualization
What is Virtualization? (3:46)
Virtualization Technologies (2:55)
Benefits of Virtualization (4:58)
Security Issues of Virtualization (3:49)
Download and Install VirtualBOX (2:02)
Download and Install Kali Linux -VirtualBox (7:36)
Download and Install Kali Linux Image File (2:40)
Download and add Metasploitable Image File (2:40)
OWASP Image File-2 Download and Add VirtualBOX (4:21)
Create Nat Network and Connections Test with VirtualBox (7:32)
VmWare Download and Install (1:49)
Kali Linux Install VMWare (5:39)
Kali Image File Add VmWare (2:02)
Metasploitable Add VmWare (2:15)
Owasp Add VmWare (2:12)
Create Nat Network and Connections Test with VmWare (6:12)
Network Technologies
Basic Network Concepts (15:38)
Domain Name Services(DNS) (9:47)
What is the port? How does it work? (5:10)
What is the Network Address (7:04)
Combining the IP Address and the Port (4:39)
Switches (4:59)
Bridge (3:07)
Routers (9:26)
Understanding NAT and PAT (2:37)
Network Separation (3:16)
Proxy Servers (7:13)
Types of Using Network Technologies-1 (9:12)
Types of Using Network Technologies-2 (8:25)
Wireless Networks
Reviewing Basic Wireless Network Information (6:28)
Wireless Cryptographic Protocols (7:38)
Authentication Protocols for Wireless Networks (6:20)
Network Security Technologies
Firewalls (9:27)
Network Access Control (9:27)
Implementing a Secure Network (5:17)
Intrusion Detection Systems
Understanding IDSs and IPSs (4:45)
Detection Methods (11:54)
Honeypots (4:39)
Virtual Private Network(VPN) Technologies
Using VPNs for Remote Access (3:53)
VPN Tunnel Protocols (6:16)
Site-to-Site VPNs (2:34)
Security Threats
Viruses (2:16)
Understanding Threat Actors (12:33)
Logic Bombs (3:21)
Trojans (5:29)
Ransomware (3:26)
Spyware (3:03)
Bots and Botnets (4:17)
Unified Threat Management(UTM) (5:55)
Securing Wireless Networks
Disable SSID Broadcasting or Not (1:30)
Enable MAC Filtering (1:55)
Understanding Wireless Attacks
Disassociation Attacks (1:58)
WPS and WPS Attacks (1:50)
Rogue AP (2:14)
Evil Twin (2:08)
Jamming Attacks (3:45)
Bluetooth Attacks (2:48)
RFID Attacks (2:40)
Wireless Replay Attacks (1:49)
Rogue Access Points-Airbase-ng (5:46)
Rogue Access Points-Evil-Twin-Attack (6:42)
Cracking-WEP-Preparing-Attacks (2:49)
Cracking-WEP-Fake-Authentication-Attack (3:50)
Cracking-WEP-ChopChop-Attack (3:47)
Cracking-WPA-Aircrack-ng (3:57)
Cracking-WPA-John-the-Ripper (4:09)
Network Attacks
81 - Network Attacks (3:39)
82 - SYN Flood Attack (2:55)
83 - MAC Flood Attacks (2:53)
84 - Man-in-the-Middle Attacks (1:33)
85 - ARP Poisoning Attacks (3:49)
86 - DNS Attacks (6:17)
Network Attacks
SYN Flood Attack (2:53)
Network Attacks (3:36)
MAC Flood Attacks (2:52)
Man-in-the-Middle Attacks (1:33)
ARP Poisoning Attacks (3:52)
DNS Attacks (6:12)
Password Attacks
Brute Force&Dictionary Attacks (3:31)
Cain & Abel_ A Dictionary Attack (8:59)
Cain & Abel_ A Brute Force Attack (3:36)
Password Hashes (4:53)
Cain and Abel_ Gathering Hashes (4:43)
Birthday Attacks (4:45)
Replay Attacks (3:18)
Hijacking and Related Attacks (5:59)
Driver Manipulation (2:07)
Zero-Day Attacks
Zero-Day Attacks (4:19)
Code Attacks
Code Reuse and SDKs (4:28)
Code Quality and Testing (2:50)
Development Life-Cycle Models (3:41)
Secure DevOps (3:21)
Version Control and Change Management (2:18)
Provisioning and Deprovisioning (1:50)
Web Server Attacks
Web Servers (2:07)
SQL Injection Attacks (4:31)
Protecting Against SQL Injection Attacks (2:39)
SQL Injection - Part I (4:20)
SQL Injection - Part II (4:41)
SQL Injection - Part III (5:20)
DLL Injection (2:25)
Cross-Site Scripting (6:43)
Classification of Web Attacks (1:37)
Zed Attack Proxy (ZAP)_ A Web App Vulnerability Scanner (3:06)
XSS (Cross Site Scripting) - Stored and DOM Based XSS (7:01)
Cross Site Request Forgery (CSRF) (5:12)
Path Traversal_ File (5:41)
Social Engineering
Social Engineering (4:08)
Shoulder Surfing (1:08)
Tricking Users with Hoaxes (1:19)
Tailgating and Mantraps (1:12)
Dumpster Diving (1:30)
Watering Hole Attacks (1:06)
Spam (2:04)
Phishing (6:24)
Whaling (2:45)
Vishing (3:05)
Beware of Email from Friends (2:00)
Why Social Engineering Works (9:28)
Social Engineering Toolkit (SET) for Phishing (6:34)
Memory Buffer Vulnerabilities
Buffer Overflow Attacks (4:11)
Memory Leak (2:43)
Pointer Dereference (2:09)
Compiled Versus Runtime Code (1:23)
Proper Input Validation (4:10)
Side Input Validation (3:20)
Avoiding Race Conditions (2:14)
Proper Error Handling (2:13)
Cryptographic Techniques (1:42)
Preventing Attacks
Antivirus and Anti-Malware Software (8:18)
Protecting Systems from Malware (2:05)
Advanced Malware Tools (3:33)
Educating Users (1:53)
Implementing Defense in Depth (3:36)
Server Security
Implementing Secure Systems (4:12)
Operating systems (4:09)
Secure Operating System Configurations (6:26)
Resiliency and Automation Strategies (5:00)
Change Management Policy (7:06)
Secure Staging and Deployment (5:25)
Peripherals (4:08)
EMI and EMP (7:43)
Hardware Security Module (2:28)
Cloud Deployment Models (5:28)
Cloud Services (6:08)
Security Responsibilities with Cloud Models (1:52)
Mobile Devices
Deployment Models (8:32)
Deploying Mobile Devices Securely (2:14)
Mobile Device Management (9:23)
Unauthorized Software (4:56)
Hardware Control (2:39)
Unauthorized Connections (2:32)
Exploring Embedded Systems
Exploring Embedded Systems (7:06)
Understanding Stuxnet (2:14)
Real-Time Operating Systems (3:16)
Data Security
Protecting Data (11:25)
Data Loss Prevention (5:31)
Database Security
Database Concepts (2:47)
Normalization (5:26)
SQL Queries (1:56)
Database Security (1:00)
Risk Management
Risk Management (2:47)
Understanding Risk Management (2:40)
Threats and Threat Assessments (4:23)
Vulnerabilities (2:03)
Risk Assessment (13:05)
Risk Registers (5:50)
Cloud Vendors Relationships
Finding and Evaluating Cloud Vendors (14:11)
Job Notification (3:28)
Conducting Evaluations (4:11)
Negotiating Contracts and Billing (9:49)
Professional Services (3:56)
Chargebacks (12:41)
Laws, Regulations And Safety Standards (3:19)
Advising
Using Baselines (3:09)
Key Stakeholders (2:45)
Conducting Feasibility Study (2:19)
Making GAP Analysis (2:50)
Using Reporting (1:30)
Understanding Benchmarks (3:38)
Checking for Vulnerabilities
Checking for Vulnerabilities (1:53)
Password Crackers (1:59)
Password Cracking Tools (0:08)
Hydra_ Cracking the Password of a Web App (10:01)
Password Cracking with Cain & Aibel (1:01)
Network Scan Types (2:50)
Passive Scan with Wireshark (6:36)
Passive Scan with ARP Tables (6:20)
What is NMAP? (4:14)
Nmap with Ping Scan (4:59)
Nmap with TCP Scan (7:11)
Nmap with Version Detection (7:10)
Nmap with Operating System Detection (5:58)
Active Scan with Hping (8:30)
Network Scanners (5:24)
Wireless Scanners Cracker (3:20)
Banner Grabbing (0:48)
Vulnerability Scanning (11:24)
Introduction to Vulnerability Scan (9:19)
Introduction to Nessus (1:57)
Nessus_ First Scan (7:07)
Penetration Tests
Penetration Tests (2:43)
Passive & Active Reconnaissance (2:03)
Initial Exploitation (3:45)
White, Gray and Black Box Testing (2:57)
Intrusive and Non-Intrusive Testing (1:23)
Passive Versus Active Tools (11:39)
Physical Security Precautions
Comparing Physical Security Controls (3:28)
Comparing Door Lock Types (5:31)
Preventing Tailgating with Mantraps (2:01)
Increasing Physical Security with Guards (8:16)
Using Hardware Locks (2:57)
Asset Management (2:35)
Implementing Environmental Controls (13:58)
Single Point of Failure
Single Point of Failure (1:47)
Disk Redundancies (4:26)
Server Redundancy and High Availability (9:12)
Backup (15:14)
Business Continuity Plans
Comparing Business Continuity Elements (6:09)
Impact (3:50)
Recovery Time Objective (4:57)
Recovery Sites (5:52)
Disaster Recovery (8:12)
Examination of Logs
Monitoring Logs for Event Anomalies (8:43)
Other Logs-SIEM (7:12)
Continuous Monitoring (6:05)
Controls
Understanding Control Types (7:13)
Control Goals (10:50)
Cryptography and PKI
200 - Introducing Cryptography Concepts (3:08)
201 - Hashing (4:43)
202 - MD5 (0:54)
203 - SHA (2:55)
204 - HMAC (2:49)
205 - Hashing_Files (2:56)
206 - Digital_Signatures_Certificates_and_No_Denial (2:52)
207 - Hashing Messages (4:35)
208 - Providing Confidentiality with Encryption (8:16)
209 - Block Versus Stream Ciphers (4:09)
210 - Symmetric Encryption (1:55)
211 - Symmetric Encryption Methods (6:19)
212 - Asymmetric Encryption (1:56)
213 - Certificates (3:58)
214 - Steganography And Obfuscation (2:40)
215 - Using Cryptographic Protocols (1:49)
216 - Cipher Suites (3:38)
217 - Exploring PKI Components (8:04)
218 - Recovery Agent (1:08)
219 - Comparing Certificate Types (4:37)
220 - Certificate Formats (3:10)
Cryptography and PKI
Hashing (4:39)
Introducing Cryptography Concepts (3:06)
MD5 (0:54)
SHA (2:55)
HMAC (2:46)
Hashing Files (2:56)
Digital Signatures, Certificates and non-repudiation (2:56)
Hashing Messages (4:35)
Providing Confidentiality with Encryption (8:17)
Block Versus Stream Ciphers (4:11)
Symmetric Encryption (1:56)
Symmetric Encryption Methods (6:16)
Asymmetric Encryption (1:57)
Certificates (3:58)
Steganography And Obfuscation (2:42)
Using Cryptographic Protocols (1:50)
Cipher Suites (3:38)
Exploring PKI Components (8:05)
Recovery Agent (1:08)
Comparing Certificate Types (4:37)
Certificate Formats (3:12)
Protecting Email
Protecting Email (1:50)
Encrypting Email (3:39)
HTTPS Transport Encryption (5:15)
Risk Mitigation Methods
Personnel Management Policies (10:44)
Exploring Security Policies (1:15)
Background Check (2:51)
NDA (4:40)
Policy Violations and Adverse Actions (1:39)
Agreement Types (2:59)
PII and PHI (5:12)
Responding to Incidents (2:33)
Providing Training (5:32)
Troubleshooting Personnel Issues (2:28)
Conclusion
Conclusion (11:23)
83 - MAC Flood Attacks
Lesson content locked
If you're already enrolled,
you'll need to login
.
Enroll in Course to Unlock