Threat Modeling: Spoofing In Depth
Offered By: LinkedIn Learning
Course Description
Overview
Learn about one of the key threats to modern systems: spoofing, or authentication attacks. Explore ways that attackers spoof people, machines, file systems, and processes.
Syllabus
Introduction
- Mitigate spoofing threats
- Four-question framework
- Spoofing as a part of STRIDE
- Account creation
- Authentication factors
- Attacking what you know
- Attacking what you have
- Attacking what you are
- Attacking where you are
- Attacking who you know
- Attacking phone authentication
- Spoofing a host
- Advanced host spoofing
- Spoofing the OSI model
- What you know in host spoofing
- Spoofing TLS
- Spoofing a specific person in email
- Spoofing a person on a website
- Spoofing a person in video and audio
- The nature of "open" and paths
- Libraries (LD_PATH, %Downloads%)
- Defenses with extra fail
- Next steps
Taught by
Adam Shostack
Related Courses
Developing APIs with Google Cloud's Apigee API PlatformGoogle Cloud via Coursera Play by Play: Authenticating External App and Service Integrations with Salesforce
Pluralsight Introduction to Application Security Course (How To)
Treehouse API Security on Google Cloud's Apigee API Platform
Pluralsight Analyzing Network Protocols with Wireshark
Pluralsight