Summary
This chapter covered the various types of application vulnerabilities, including race conditions, buffer overflows, and the more heavily tested web-based vulnerabilities, such as SQLi and XSS. We then looked at hardware vulnerabilities, starting with firmware updates and then EOL systems, as well as cloud virtualization and supply chain vulnerabilities, before finally reviewing mobile device vulnerabilities and the use of an MDM solution for added security.
The knowledge gained in this chapter will prepare you to answer any questions relating to Exam Objective 2.3 in your CompTIA Security+ certification exam.
The next chapter is Chapter 8, "Given a scenario, analyze indicators of malicious activity."