Threat Modeling: Spoofing In Depth
Offered By: LinkedIn Learning
Course Description
Overview
Learn about one of the key threats to modern systems: spoofing, or authentication attacks. Explore ways that attackers spoof people, machines, file systems, and processes.
Syllabus
Introduction
- Mitigate spoofing threats
- Four-question framework
- Spoofing as a part of STRIDE
- Account creation
- Authentication factors
- Attacking what you know
- Attacking what you have
- Attacking what you are
- Attacking where you are
- Attacking who you know
- Attacking phone authentication
- Spoofing a host
- Advanced host spoofing
- Spoofing the OSI model
- What you know in host spoofing
- Spoofing TLS
- Spoofing a specific person in email
- Spoofing a person on a website
- Spoofing a person in video and audio
- The nature of "open" and paths
- Libraries (LD_PATH, %Downloads%)
- Defenses with extra fail
- Next steps
Taught by
Adam Shostack
Related Courses
Internet History, Technology, and SecurityUniversity of Michigan via Coursera Client-Server Communication
Google via Udacity HTTP & Web Servers
Udacity Network Security
Georgia Institute of Technology via Udacity Web Security Fundamentals
KU Leuven University via edX