In this video, learn about the mitigation efforts used on zero-day attacks.
- [Instructor] Zero-day attacks occur…when a vulnerability is identified in a production system…before a patch or fix is available from the manufacturer.…Basically, if someone can find a software bug in Windows…before Microsoft can,…then a zero-day vulnerability exists.…Preventing zero-day vulnerabilities…from being exploited is extremely challenging.…After all, if somebody knew…the vulnerability already existed,…then they probably would have already fixed it, right?…How can you discover…that a zero-day vulnerability exists though?…Well, the best way that security researchers have used…to find zero-days is to use a honeypot or a honeynet.…
A honeypot is a system that's designed to be vulnerable…and placed on the internet so people will try to attack it.…These attacks are then studied by researchers…and often zero-days are found through this observation.…In addition to using honeypots…to learn about new exploits and attacks,…researchers will also monitor the hacking community…and explore the dark web.…Zero-day vulnerabilities and exploits…
Author
Jason Dion
Released
11/16/2018Looking for study partners?
Join the CASP+ Exam study groupTo effectively fight off malware and cyberattacks on an enterprise network, IT security professionals must understand how to collaborate with colleagues across their organization and research new and emerging threats. In this installment of the CASP+ Cert Prep series, instructor Jason Dion equips you with research methods and collaboration techniques that can help you implement secure designs in your business, as well as prepare for domain 5 of the CASP+ exam: Research, Development, and Collaboration. Learn methods for researching industry trends that could impact your network, review key security activities across both the systems and software development lifecycles, and discover how to collaborate with stakeholders in a range of different roles, from database administrators to HR teams.
We are a CompTIA Content Publishing Partner. As such, we are able to offer CompTIA exam vouchers at a 10% discount. For more information on how to obtain this discount, please download these PDF instructions.
- Best practices for conducting research
- Current threats and threat models
- Emerging social media platforms and their threats
- Integrating research into business functions
- Security activities across the systems and software development lifecycles
- Adapting solutions to meet business needs
- Collaborating with programmers, sales staff, facilities managers, and others
- Providing guidance to senior management
Skill Level Advanced
Duration
Views
-
Introduction
-
What you should know1m 27s
-
About the exam1m 48s
-
1. Research Methods
-
Conducting research6m 16s
-
Zero-day mitigation controls2m 27s
-
Threat actor activities2m 20s
-
Emerging threat sources1m 25s
-
-
2 Security Activities across the Life Cycle
-
Operational activities4m 19s
-
Software assurance9m 32s
-
Approaches to development5m 45s
-
Documentation3m 30s
-
3. Collaboration with Other Business Units
-
Sales staff1m 38s
-
Programmer1m 6s
-
Database administrator1m 46s
-
Network administrator1m 51s
-
Financial1m 27s
-
Human resources1m 2s
-
Emergency response team1m 37s
-
Facilities manager1m 31s
-
Physical security manager1m 22s
-
Legal counsel1m 49s
-
Conclusion
-
What to do next2m 49s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: Zero-day mitigation controls