Security+ Domain #1: Threats, Attacks, and Vulnerabilities


The first domain in CompTIA’s Security + exam (SYO-501) covers threats, attacks and vulnerabilities. This domain contributes 21 percent of the exam score. The exam’s objectives are covered through knowledge, application and comprehension, and the exam has both multiple-choice and performance-based questions. The performance-based questions are designed to test the candidate’s ability to troubleshoot problems in a simulated environment.

The objective of the treats, attacks and vulnerabilities module is to ensure you can understand and explain different types of security compromises, the types of actors involved, and the concepts of penetration testing and vulnerability scanning. The module covers the following six sections.

Indicators of compromise and malware types

Malware is malicious software designed to gain access to or damage a computer or system without the user’s knowledge or consent. It’s usually delivered via an email attachment, or link to a malicious site or a legitimate site that’s been infected. Common malware includes:

Viruses: This malware inserts itself into another program and then propagates from one computer to another, causing detriment on the infected systems.

Ransomware: Designed to block access to a computer system, often for a financial payout, ransomware can also destroy files.

Trojans: Typically disguised as legitimate software, Trojans can be used for a variety of tasks, from accessing data to inserting other malware.

Bots: Derived from “robot,” this automated process can be used for malicious purposes to automate tasks such as opening a back door or stealing data.

Spyware: Like the name implies, spyware can be used to monitor and transmit information without the user’s authorization.

RATs: RATs, or remote access Trojans, are typically designed to gain complete control over a computer remotely, using techniques that make them particularly difficult to detect.

Types of attacks

Malicious actors employ a variety of attacks to compromise information systems, (Read more...)

*** This is a Security Bloggers Network syndicated blog from InfoSec Resources authored by Rodika Tollefson. Read the original post at: