From the course: CompTIA Cybersecurity Analyst (CySA+) (CS0-003) Cert Prep
Join today to access over 24,200 courses taught by industry experts.
Threat classification
From the course: CompTIA Cybersecurity Analyst (CySA+) (CS0-003) Cert Prep
Threat classification
- [Instructor] Cybersecurity professionals must deal with a wide variety of threats as they plan and implement security controls. Conducting a threat analysis is an effective way to gauge the cybersecurity risk facing an organization. During a threat analysis, the cybersecurity team uses professional expertise, industry research, threat intelligence, and other information sources to develop a comprehensive list of the threats facing the organization. Once they've developed that list of threats, they then evaluate these threats based upon two criteria. First, they assess the likelihood of each threat. This likelihood judgment incorporates the team opinion about how likely it is that the threat will materialize and how likely it is that the threat will actually target their organization. This likelihood rating may vary significantly from organization to organization for the same threat. For example, consider the threat of an attack by a foreign government. The likelihood of this threat…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
(Locked)
Identification, authentication, authorization, and accounting3m 34s
-
(Locked)
Usernames and access cards3m 23s
-
(Locked)
Biometrics2m 42s
-
(Locked)
Authentication factors4m 25s
-
(Locked)
Multifactor authentication2m 35s
-
(Locked)
Something you have4m 24s
-
(Locked)
Password authentication protocols3m 10s
-
(Locked)
Single sign-on and federation3m 9s
-
(Locked)
Passwordless authentication1m 48s
-
(Locked)
Privileged access management2m 31s
-
(Locked)
Cloud access security brokers5m 15s
-
(Locked)
-
-
(Locked)
OWASP Top 105m 36s
-
(Locked)
Prevent SQL injection4m 25s
-
(Locked)
Understand cross-site scripting4m 46s
-
(Locked)
Request forgery4m 8s
-
(Locked)
Privilege escalation1m 56s
-
(Locked)
Directory traversal3m 6s
-
(Locked)
File inclusion1m 46s
-
(Locked)
Overflow attacks3m 21s
-
(Locked)
Cookies and attachments4m 6s
-
(Locked)
Session hijacking4m 8s
-
(Locked)
Race conditions2m 13s
-
(Locked)
Memory vulnerabilities3m 34s
-
(Locked)
Code execution attacks2m 43s
-
(Locked)
Data poisoning55s
-
(Locked)
Third-party code3m 38s
-
(Locked)
Interception proxies5m 22s
-
(Locked)
-
-
(Locked)
Input validation2m 41s
-
(Locked)
Parameterized queries3m
-
(Locked)
Authentication and session management issues1m 49s
-
(Locked)
Output encoding3m 13s
-
(Locked)
Error and exception handling3m
-
(Locked)
Code signing2m 8s
-
(Locked)
Database security3m 53s
-
(Locked)
Data de-identification2m 44s
-
(Locked)
Data obfuscation2m 12s
-
(Locked)
-
-
(Locked)
Build an incident response program4m 13s
-
(Locked)
Creating an incident response team2m 15s
-
(Locked)
Incident communications plan2m 44s
-
(Locked)
Incident identification4m 26s
-
(Locked)
Escalation and notification2m 29s
-
(Locked)
Mitigation2m 20s
-
(Locked)
Containment techniques3m
-
(Locked)
Incident eradication and recovery5m 39s
-
(Locked)
Validation2m 24s
-
(Locked)
Post-incident activities4m 17s
-
(Locked)
Incident response exercises1m 37s
-
(Locked)
-
-
(Locked)
Conducting investigations3m 50s
-
(Locked)
Evidence types3m 28s
-
(Locked)
Introduction to forensics3m 21s
-
(Locked)
System and file forensics4m 26s
-
(Locked)
File carving3m 46s
-
(Locked)
Creating forensic images5m 30s
-
(Locked)
Digital forensics toolkit2m 25s
-
(Locked)
Operating system analysis6m 9s
-
(Locked)
Password forensics7m 16s
-
(Locked)
Network forensics4m 1s
-
(Locked)
Software forensics4m 25s
-
(Locked)
Mobile device forensics1m 10s
-
(Locked)
Embedded device forensics2m 30s
-
(Locked)
Chain of custody1m 50s
-
(Locked)
Ediscovery and evidence production3m 3s
-
(Locked)