Special offers now — see discounted courses.
day
:
hour
:
min
:
sec
See special offers
Threat Modeling: Spoofing In Depth

Threat Modeling: Spoofing In Depth

55mIntermediate2019-02-27

Authors

Adam Shostack

Adam Shostack

Consultant, Entrepreneur, Technologist, and Game Designer

Course details

Threat modeling is a framework for thinking about what goes wrong. Security pros and software developers should learn to threat model early in their careers, because it shapes every system they build and defend. Spoofing, pretending to be someone or something you're not, is one of the key threats to systems. This course teaches you many of the ways in which spoofing happens, including spoofing of people, machines, file systems, and processes. As instructor Adam Shostack explains, spoofing entails many factors: what you know, who you are, where you are, who you know, and more. There's spoofing of people and spoofing of roles, spoofing of processes or file spaces on a system, and spoofing of machine, IP, name, and TLS identities. Learning how and where these attacks take place will help you excel in your career and deliver more secure products and services.

Learning objectives
Authentication basics
Attacking different authentication factors
Spoofing a host
Spoofing people
Spoofing files

Skills covered

Software Development SecurityNetwork SecurityCybersecurityDeep Dive (X:Y)

Concepts

0. Introduction

  • 01 - Mitigate spoofing threats
  • 02 - Four-question framework
  • 03 - Spoofing as a part of STRIDE

1. Authentication Basics

  • 04 - Account creation
  • 05 - Authentication factors

2. Spoofing Authentication Factors

  • 06 - Attacking what you know
  • 07 - Attacking what you have
  • 08 - Attacking what you are
  • 09 - Attacking where you are
  • 10 - Attacking who you know
  • 11 - Attacking phone authentication

3. Spoofing Hosts

  • 12 - Spoofing a host
  • 13 - Advanced host spoofing
  • 14 - Spoofing the OSI model
  • 15 - What you know in host spoofing
  • 16 - Spoofing TLS

4. Spoofing People

  • 17 - Spoofing a specific person in email
  • 18 - Spoofing a person on a website
  • 19 - Spoofing a person in video and audio

5. Spoofing Files

  • 20 - The nature of open and paths
  • 21 - Libraries (LD PATH, Downloads )
  • 22 - Defenses with extra fail

Conclusion

  • 23 - Next steps

Related courses

Related learn paths

About us

LyndaKade is a leading learning platform that helps people learn business, software, technology, and creative skills to achieve personal and professional goals.

Phone numberAparat ChannelTelegram SupportTelegram ChannelInstagram Page

All rights to this site belong to LyndaKade.

Terms of Service|Privacy Policy

نماد الکترونیک enamad در صورت اتصال با آی‌پی داخل کشور، نمایش داده خواهد شد.
logo-samandehi - لوگو ساماندهی
zarinpal
zibal