YoVDO

Threat Modeling: Spoofing In Depth

Offered By: LinkedIn Learning

Tags

Threat Intelligence Courses Cybersecurity Courses Web Security Courses OSI Model Courses Threat Mitigation Courses TLS Courses Spoofing Courses STRIDE Courses

Course Description

Overview

Learn about one of the key threats to modern systems: spoofing, or authentication attacks. Explore ways that attackers spoof people, machines, file systems, and processes.

Syllabus

Introduction
  • Mitigate spoofing threats
  • Four-question framework
  • Spoofing as a part of STRIDE
1. Authentication Basics
  • Account creation
  • Authentication factors
2. Spoofing Authentication Factors
  • Attacking what you know
  • Attacking what you have
  • Attacking what you are
  • Attacking where you are
  • Attacking who you know
  • Attacking phone authentication
3. Spoofing Hosts
  • Spoofing a host
  • Advanced host spoofing
  • Spoofing the OSI model
  • What you know in host spoofing
  • Spoofing TLS
4. Spoofing People
  • Spoofing a specific person in email
  • Spoofing a person on a website
  • Spoofing a person in video and audio
5. Spoofing Files
  • The nature of "open" and paths
  • Libraries (LD_PATH, %Downloads%)
  • Defenses with extra fail
Conclusion
  • Next steps

Taught by

Adam Shostack

Related Courses

Computer Vision with GluonCV (Spanish)
Amazon Web Services via AWS Skill Builder Performing Threat Modeling with the Microsoft Threat Modeling Methodology
Pluralsight Modelado de Amenazas - Threat Modeling
Udemy