Domain 2: Threats, Vulnerabilities, and Mitigations
The second domain of the CompTIA Security+ SY0-701 certification focuses on what threats you can expect, the vulnerabilities in systems, and what can be done to tackle issues.
You’ll get an overview of the various threat actors, from large nation-state actors to organized crime, insider threats, and unskilled chancers, as well their motivations and how they function. You’ll also learn the different ways malicious actors can attack IT systems, such as phishing, social engineering, and hacking through various parts of an IT networks or even service providers.
This section will further discuss the possible vulnerabilities in an IT system, from the application level through operating systems, hardware, the cloud, and portable and personal devices. It also covers how to recognize malicious activity, looking at the indicators of attacks such as brute-force, injection, and cryptographic attacks.
Finally, Domain 2 will...