Join Mike Chapple for an in-depth discussion in this video User-based threats, part of CompTIA Security+ (SY0-501) Cert Prep: 5 Risk Management.
- [Instructor] In addition to understanding…how strong security habits can improve information security,…users should also understand how attackers target users…to undermine an organization's security.…Security education programs should include coverage…of used-based security threats.…Phishing is one of the most common…user-based threats facing organizations.…In a phishing attack, attackers send…legitimate looking messages to end users…seeking to get them to disclose sensitive information…or perform another action that undermines security.…
These messages can appear very realistic,…using corporate logos and terminology.…The example phishing message shown here…was used to impersonate Citibank.…While phishing uses messages targeted at end users,…it's only one example of a category of attacks…known as social engineering.…In social engineering, attackers attempt…to manipulate individuals into undermining security.…Security awareness efforts should inform users…that social engineering isn't limited to email,…and that they should be wary of suspicious requests that…
Author
Mike Chapple
Released
12/1/2017Looking for study partners?
Join the CompTIA Security+ SY0-501 Exam study groupEarning the CompTIA Security+ certification demonstrates to potential employers that you have a foundational understanding of network security and risk management concepts. This course—the fifth installment in a series readying you for version SY0-501 of the CompTIA Security+ exam—prepares you to tackle the Risk Management domain of the exam. Instructor Mike Chapple—an IT leader with over 15 years of experience—covers key topics, including risk assessment; business impact analysis concepts; personnel management; security education and compliance training; disaster recovery; and preparing for incident response. Visit certmike.com to join one of his free study groups.
We are a CompTIA Content Publishing Partner. As such, we are able to offer CompTIA exam vouchers at a 10% discount. For more information on how to obtain this discount, please download these PDF instructions.
- Security controls and policies
- Risk assessment and management
- Managing vendor relationships
- Social network security
- Security in the hiring process
- Measuring security education
- Business continuity planning and controls
- Preparing for incident response
- Network and software forensics
- Data security policies and roles
- Privacy assessments
Skill Level Beginner
Duration
Views
-
Introduction
-
Welcome1m 6s
-
-
1. Controls and Risks
-
Security controls6m 16s
-
Security policy framework4m 53s
-
Security policies5m 16s
-
Risk assessment5m 22s
-
Quantitative risk assessment6m 41s
-
Risk management3m 53s
-
-
2. Supply Chain Risk
-
Vendor agreements3m 40s
-
3. Personnel Management
-
Employee termination process2m 42s
-
4. Awareness and Training
-
Security education5m 17s
-
Compliance training3m 27s
-
User habits3m 20s
-
User-based threats2m 3s
-
-
5. Business Continuity and Disaster Recovery
-
Business continuity planning3m 27s
-
Business continuity controls3m 50s
-
Disaster recovery4m 26s
-
Backups9m 14s
-
Disaster recovery sites3m 26s
-
Testing BC/DR plans3m 42s
-
After action reports3m 12s
-
-
6. Incident Response
-
Security incidents3m 6s
-
Escalation and notification2m 42s
-
Incident mitigation2m 46s
-
Eradication and recovery2m 20s
-
-
7. Forensics
-
Conducting investigations4m 21s
-
Evidence types3m 51s
-
Introduction to forensics4m 24s
-
System and file forensics4m 26s
-
Network forensics4m 19s
-
Software forensics2m 52s
-
Embedded device forensics2m 50s
-
Chain of custody2m 13s
-
-
8. Data Security and Privacy
-
Understanding data security3m 13s
-
Data security policies5m 43s
-
Data security roles3m 8s
-
Data privacy4m 30s
-
Limiting data collection3m 19s
-
Privacy assessments3m 38s
-
-
Conclusion
-
Next steps39s
-
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.
Share this video
Embed this video
Video: User-based threats