From the course: CompTIA CySA+ (CS0-002) Cert Prep: 1 Threat Management
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Understanding attacks
From the course: CompTIA CySA+ (CS0-002) Cert Prep: 1 Threat Management
Understanding attacks
- [Instructor] After identifying potential threats to an information system, security analysts should move on to a phase where they consider the possible attacks against those systems. Let's take a look at the various type of attacks that may be used against information systems. Microsoft uses the STRIDE model to help categorize attacks. This model is a helpful starting point when you're trying to identify the attacks that may be used against any particular system. Each letter in the model represents a category of attack. S stands for spoofing. Spoofing attacks use falsified identity information to gain access to a system. This may be as simple as a social engineering attack that fakes the sender's name or email address, or it may be more complicated and involve spoofing IP addresses, MAC addresses, wireless network names, or other claims of identity. The best control against spoofing is strong authentication. T stands for…
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.