YoVDO

Threat Modeling: Spoofing In Depth

Offered By: LinkedIn Learning

Tags

Threat Intelligence Courses Cybersecurity Courses Web Security Courses OSI Model Courses Threat Mitigation Courses TLS Courses Spoofing Courses STRIDE Courses

Course Description

Overview

Learn about one of the key threats to modern systems: spoofing, or authentication attacks. Explore ways that attackers spoof people, machines, file systems, and processes.

Syllabus

Introduction
  • Mitigate spoofing threats
  • Four-question framework
  • Spoofing as a part of STRIDE
1. Authentication Basics
  • Account creation
  • Authentication factors
2. Spoofing Authentication Factors
  • Attacking what you know
  • Attacking what you have
  • Attacking what you are
  • Attacking where you are
  • Attacking who you know
  • Attacking phone authentication
3. Spoofing Hosts
  • Spoofing a host
  • Advanced host spoofing
  • Spoofing the OSI model
  • What you know in host spoofing
  • Spoofing TLS
4. Spoofing People
  • Spoofing a specific person in email
  • Spoofing a person on a website
  • Spoofing a person in video and audio
5. Spoofing Files
  • The nature of "open" and paths
  • Libraries (LD_PATH, %Downloads%)
  • Defenses with extra fail
Conclusion
  • Next steps

Taught by

Adam Shostack

Related Courses

Proactive Computer Security
University of Colorado System via Coursera Security in Office 365
Microsoft via edX Threat Detection: Planning for a Secure Enterprise
Microsoft via edX Cyber Threat Intelligence
IBM via Coursera Security Analyst Fundamentals
IBM via Coursera