Watering hole attacks are a recent development in the cat-and-mouse game between information security professionals and hackers. Watering hole attacks use sneaky techniques to lure unsuspecting users and infect their systems with malware. In this video, learn how attackers infect commonly visited sites with malware in watering hole attacks.
- [Instructor] Watering hole attacks…are a recent development in the cat and mouse game…between information security professionals and hackers.…Watering hole attacks use sneaky techniques…to lure unsuspecting users…and infects their systems with malware.…In nature, a watering hole is a place that animals gather,…particularly in dry climates.…It's important that animals visit the watering hole…because the water there is essential to their survival,…but there are also significant risks involved.…First, diseases can spread easily at watering holes…because all of the animals drink from a common source.…
Second, predators can lay and wait at the watering hole,…waiting for prey to show up in need of a drink…and then attack.…In the electronic world,…websites are a great way to spread malware.…When a user visits a website,…he or she trusts it to some extent.…It's the digital equivalent of approaching someone you trust…as opposed to being solicited by an unknown stranger.…Web browsers as well as browser add-ons and extensions…
You can sign up for Mike's free study group at certmike.com, and find his study guides at the Sybex test prep site. To review the complete CISSP Body of Knowledge, visit https://www.isc2.org/cissp-domains/default.aspx.
Note: This course is part of a series releasing throughout 2018. A complete learning path will be available once all the courses are released.
- Identity and access management overview
- Identification mechanisms: user names, access cards, biometrics, and registration
- Authentication factors
- Password authentication protocols
- Identity as a service (IDaaS)
- Enforcing accountability
- Managing credentials with policies
- Using access control lists
- Defending against access control attacks
Skill Level Advanced
1. Identity and Access Management
5. Credential Management
7. Access Control Attacks
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.