From the course: CompTIA Security+ (SY0-701) Cert Prep

Threats, vulnerabilities, and mitigations

- The second domain of the Security+ exam, threats, vulnerabilities, and mitigations, makes up 22% of the questions on the exam. It has five objectives. In the first objective of this domain, you need to compare and contrast common threat actors and motivations. This includes understanding the different attributes and motivations of nation-state attackers, unskilled attackers, hacktivists, organized crime, the insider threat, and shadow IT. The second objective requires that you explain common threat vectors and attack surfaces. This includes threats that arise through messaging, images, files, voice calls, and removable devices. It also includes threats related to vulnerable software, unsupported systems and applications, insecure networks, open service ports, default credentials, and the threats posed by your supply chain. You'll also need to understand social engineering attacks as part of this objective. In the third objective, you'll need to explain various types of vulnerabilities. This includes application, operating system, and web-based vulnerabilities, as well as issues that arise in hardware, virtualization, and the cloud. You'll need to understand issues related to cryptographic weaknesses, misconfigurations, mobile devices, and zero-day attacks. As you move on to the fourth objective, you'll need to analyze indicators of malicious activity when given a scenario. These include malware attacks, physical attacks, network attacks, application attacks, cryptographic attacks, and password attacks. The final objective of this domain requires that you explain the purpose of mitigation techniques used to secure the enterprise. You'll need to understand segmentation, access control, application allow lists, isolation, patching, encryption, monitoring, least privilege, configuration enforcement, and system hardening techniques.
Successfully mastering the five objectives of this domain will provide you with all the information that you need to know to answer Security+ exam questions related to threats, vulnerabilities, and mitigations.
