- Premium File: 849 Questions & Answers (Last Update: Feb 17, 2024)
- Training Course: 201 Lectures
- Study Guide: 920 Pages
CompTIA Security+ SY0-601 Practice Test Questions, CompTIA Security+ SY0-601 Exam dumps
1. SY0-501 vs. SY0-601
In this video, I'm going to be talking about the SY0-501 versus the SY0-601. Right off the bat, this course covers both the 501 and the 601, but it is a course that is built for the 601 exam. So a couple of questions I got, from people who saw me making this course and from my old students here at Tia who knew I was making it, were: "Andrew, can I use it to pass the 501 exam?" Absolutely. The 601 exam includes all the objectives of the 501 plus more.
The 601 is a bigger exam, much bigger than the 501. The content I cover in this course is much more than I covered there; I would say there is 20% to 30% more content in here, and more updated content anyhow. So if you are taking your 501 exam, you can take this course, and you should take this course.
You know why? Because this course is going to teach you not just the material to pass your 501 exam; it's going to teach you material that's more current and more relevant to today's world of security. So just a quick video on that. If you're taking your 501, stay with me on this course, learn the new material; it's going to be good for your own security career and for passing your exam.
2. Exam Information
In this video, I'm going to be talking about the Security+ exam, particularly SY0-601. Now, this particular exam is a 90-minute exam with up to 90 questions. Notice I say up to, which means some of you may get fewer questions.
Some of you may get 78 questions, 82 questions, 84, 85, 86 questions. You're basically going to get two types of questions: multiple-choice and performance-based questions. For a multiple-choice question, you have to select one of the choices, and a lot of times they may say select two choices. The other ones are the ones that a lot of you fear.
Those are the performance-based questions. Most of the time, performance-based questions ask you to match things up or put things in order. That's really what they are.
Sometimes you get diagrams where you have to solve problems. Maybe there's a firewall issue and you have to change the port or change the order of the firewall rule set. We're going to be going over that a lot, especially on the SonicWall when I get to how to configure firewalls. So the performance-based questions are not that difficult. Don't fear them. They generally come right at the beginning of the exam. So you have multiple choice and you have PBQ questions. Now, this 90-minute time frame is more than sufficient for your exam.
I have never really heard students complain about it. I personally finished it in about 35 minutes, I think, when it came to taking this exam. So if you study well, you do the labs I do in this class, you follow along with me, and you understand the demonstrations I'm doing, I think you'll be just fine in terms of time for answering those performance-based questions. Don't forget to check out the performance-based questions section at the end of the class.
Now, the next thing we want to talk about is the passing score, because this one is pretty scary. It's 750 out of 900. That's about 83%. Now, I have 62 certifications and I've taken over 100 certification exams, because some certifications require multiple exams. And I must say this is one of the highest; I can't remember off the top of my head if I've ever taken an exam with a higher bar. Maybe a Cisco exam; I think maybe a Cisco was 85%. But it's a pretty high score. It's not a very difficult test, though, right?
If you do the labs, you go along with what I'm telling you, you make some notes, you do some practice questions, you'll be just fine. Now, in this video, I'm also going to talk about the domains. There are five domains that this exam covers, so let's go through them really quickly. Domain one is attacks, threats, and vulnerabilities. That's a pretty cool domain. You're going to have some fun watching me do this domain, because in this domain I'm going to show you guys how to install malware on your computer, which I will.
I'm going to install a bunch of malware on our virtual machines and then we're going to have to delete them. You're going to see me install things like CryptoLocker and Trojans on our computers. I'm going to show you guys how to hack the hell out of the Wi-Fi on my business-class SonicWall that I have here, which we bought for this class. I'm also going to show you guys how to sniff packets and crack things like FTP and so on. By the way, domain one is 24%. In domain two, we'll talk about architecture and design concepts, such as the cryptographic concepts that we're going to need to know to secure our networks; the different forms of those concepts come in at 21%. The next one you have is implementation. So we hack the hell out of the wireless.
We hack the hell out of the firewall. Now we've got to secure it. So in this one, I'll show you guys how to write firewall policies. We'll take a look at IDS systems and all that good stuff in order to secure the network, and a whole lot more. Check out the videos on that; really good. The next one, domain four, covers operations. This one starts out with me going through a whole bunch of commands you need to know; a lot of them are Linux-based commands you need to know for your exam. Then we go into the incident response process. I'll show you guys some forensic software and tools in there. That's 16%. And then finally, governance, risk, and compliance.
In this one, we're going to be going through some things you need to know: a few different laws and regulations, the GDPR, PCI compliance, and so on. You also need to know about risk management; we cover that towards the end of the section. That's 14%; add it up and you get 100%. Okay? That is the structure of the exam. The last thing I want to talk about is where you take the exam. You can opt to take this exam at Pearson VUE. If you want to schedule your exam, you go to vue.com, okay? That is where you would go to schedule your exam. When you go there, click on Test Takers, type in the word CompTIA and just click CompTIA, and it will take you to the page to log in or create an account, and you can take the exam.
Now, where do you take it? You could go to a physical Pearson VUE testing center if you want to take this test in person. But as of right now, they're offering this test a lot in the online format. So if you go in person, you have to schedule it, you pay for it, and you show up in person.
You take it; again, 90 minutes, 90 questions. Get that 83%, you pass. The moment you pass, by the way, it tells you. If you do it online, you're going to need to have a camera and a quiet room for that period of time. No one can be in the room. I took the test online, and basically I sat at this desk. I just lowered it with a chair, and I put a camera in front of me. And the proctor, I guess, watched me do this test. So I think this is a great option, because you're in the comfort of your own home. You've got your own temperature, your own comfort temperature. You've got your own mouse, your own keyboard, your own monitor. Because when you go into those testing centers, it's cold. The mouse is dirty. The keyboard is not up to your standards. The screen is too small. When you're doing it at home, hey, it's your room. It's your comfort. And again, if you have that quiet room, or if you can get a, quote, place of work to do it, okay. Those are the specifics of the exam. Let's keep going.
3. Building a lab
In this video, I'm going to be talking about how the lab is set up in order to do most of the things that I'm going to be showing you in this class. So if you want to follow along with me, you're going to have to set up a lab. Now, it's not a complex setup. In fact, all you need is two operating systems and maybe a wireless device, if you have one. So let's get into it. Now, this is a common question I get, because this is a lab-based course.
When I created this course, I didn't want to just stand up and talk about concepts. That would have been easy; I would have filmed this entire course in a few weeks, maybe a month or so. But this course took a long time to film because of all the labs I'm doing with you guys. I'm not just telling you; I'm actually showing you how it's done, how that hack is done, how that security is configured. So in this video, I'm going to show you the lab I used.
Now, this video is actually being filmed by the camera guy over there after I'm done recording the whole class; the whole class has been recorded already. So I'm going to show you what the end product looks like. This is what the lab looked like at the end of it. It's not a complex lab setup, but you're going to need some hardware on your computer to do this. So let's just go into it. First of all, I use VirtualBox, and they're all virtual machines that I've installed.
Basically, I use three operating systems: a client operating system, which could be Windows 7 or 10; Kali Linux; and sometimes Windows Server, where I showed you guys how certificate services work and some Active Directory concepts. So to build a lab, let's take a look. My lab here is my VirtualBox. So first of all, you're going to have to get VirtualBox.
How do you get VirtualBox? VirtualBox is the virtualization software that we're going to be using. Here we go. You can download it right here; go ahead and install it on your computer. So this is VirtualBox. Now, once you have this installed, you've got to get the operating system. The first one is Windows 10. You'll see me use Windows 10 a lot to put a lot of the software on that I was using. To download Windows 10, search for "Windows 10 ISO trial". Don't search just "ISO"; that takes you to another page. Search "ISO trial".
You want to get to the part where it says "Try Windows 10 Enterprise". We need the Enterprise evaluation version because we use some of the enterprise tools on it. The Home version of Windows 10 may not have all the tools that I'm going to use in the lab. Now you're going to select Enterprise. You do have to fill out your information; just put company as "none" and put in some job title if you like. Microsoft is probably going to come after me for telling you to do this. Then you say continue. Hey, Microsoft for education. Okay. And you say continue. Then it gives you the ability to download. You can use this ISO to install the Windows operating system in VirtualBox. Now, the other operating system is Windows Server 2019.
If you want to get a Windows Server ISO trial, same concept, right? So you could use this. I do have a Windows Server 2019 running, with Active Directory installed, and that's my Kali there next to it. So select your experience, and we're going to say continue on the ISO. All right? So make sure to get that. The other operating system that we use is Kali. Go to kali.org, go to Download, and download Kali Linux. Now, I make it easy for myself: I just download the VirtualBox image. They have a VirtualBox image that you can download. You double-click on it, it expands, and it opens up.
So here's the Kali Linux VirtualBox download. What I do is go in here. This is VMware in here; we're going to expand this. Make sure to get the right one: don't download the VMware one. I've had so many students do this; they always download the VMware one, and when I teach this course in a live class, they do that to me. We just go ahead and download this one here, 64-bit. You download it, it's 3.6 gigs. You double-click it, it expands and opens up and allows you to log in. Don't forget the default username is kali and the password is kali.
Now, I log in as root most of the time. There's a little tutorial on that. Okay? The last thing I want you guys to know is that we will be taking a look at some cloud concepts. For the cloud concepts, I'm going to show you how to create VMs in the cloud. We'll take a look at some security controls and instances in the cloud. You guys can get a free cloud account with AWS. This does take 24 hours to set up. So check this out: we're going to go to aws.amazon.com, and you're going to sign in to your console. Then you can just create a new account. It's free, okay? AWS is free; well, to practice, you get a certain amount of hours every month.
So we're going to create a new AWS account. Twelve months of free tier access, and you can go out there and set it up. Now, this takes 24 hours to set up. You'll see me get some VMs going in there and try some different things, and as a security professional, you should know these things. So to set up the lab: install your Windows 10, expand your Kali, make sure you have that, and get your AWS account going. The Active Directory in Windows Server 2019 is optional; you don't necessarily need it, but I did show you guys some good security concepts with it. Okay? This is how you set up the lab. Now, remember something I always tell my students: you can't secure what you don't understand. The best way to understand something is to do it. So let's go and do it. Actually, you know what? I'm not ending the video.
I forgot to mention something before I end this video: RAM. You need RAM. I completely forgot that. You don't necessarily need a fast CPU; you need to have a lot of RAM. So on this computer that I'm using, I'm going to right-click on my Start button and go to System. This computer, as you can see, has 64 gigs of RAM. Now, you don't need that much. Okay? You don't need that much RAM.
You don't need a fast processor either. You need a minimum of eight gigs of RAM. Give your VMs two gigs each; you're never running more than, like, two VMs at a given point anyhow. So eight gigs of RAM is good. Four gigs is probably not going to work. Eight gigs of RAM is usable; 16 gigs is ideal. Anything over 16 gigs is a lot. I teach a lot of ethical hacking classes, so sometimes I have six or seven VMs.
Most of the time in the videos, you'll notice I have only, like, five or six VMs. But to do the lab, you only need, like, two VMs. 16 gigs of RAM and up is great; the more VMs you run, the more jobs you can do. Now, like I was saying, let's go and do it. Because remember, you can't secure what you don't understand.
1. CIA Triad
In this video, I'm going to be talking about what is most important in security and what it is all about. So before we get into the whole Security+, I'm going to be talking just a little bit about some basic security concepts that we should all know before we get started. And that is: what exactly is security? Security is basically the protection of assets.
That's our objective. We want to protect assets. Now, can you tell me what's the most important asset an organization has? Some people may say it's data; some people may say it's facilities or equipment. You're all wrong. The number one asset security professionals will protect is people. Remember this for your exam: people's lives are the most important asset you will protect.
We can always recreate data, we can always rebuild facilities, we can always buy new equipment, but we can never, ever recreate a life. So remember, for your exam, human life is the most important concept when it comes to securing. It is the most important consideration when applying security controls and securing your environment; secondary to that come data, facilities, and so on. So remember, security is all about what? Protection of assets.
Now, when it comes to security protection, there are a couple of things you guys should know. Note this term for your exam: CIA, confidentiality, integrity, and availability. Now, the way CIA is written on the exam will look something like this, or most of the time you will see it like this. This is probably not going to be on your exam, but the theory is that CIA is basically a triangle with the C, the I, and the A.
You can put them in any order you like. It could be C on the right, then the I and the A; it does not matter. But this is called the CIA Triad. The CIA Triad talks about confidentiality, integrity, and availability. Now, what this means is this: confidential data. When you think of security, what do you think about? You know what I think about? Confidentiality. How do we keep confidential data confidential? Confidentiality relates to the point of keeping secret data secret.
So if I say this data is confidential, then only the intended recipient should be able to actually read it. One of the things we're going to learn in this course is encryption. So, for example, when I encrypt data, only the intended recipient with the decryption key should be able to read it. Another way we can do confidentiality is Windows permissions. So if I set permissions so that Mary can access the file but Bob can't, there you go: Bob cannot read it, but Mary can.
So that's confidentiality there; Windows permissions can help me enforce confidentiality. The other one is integrity. In cryptography, we're going to learn about hashing. Integrity is where we can detect data modification, whether it's intentional or unintentional, so we can stop mistakes from happening or hackers from manipulating our data. Integrity is a core goal of security. You don't want data being manipulated. Imagine somebody going to the Amazon website and changing the price of products. Imagine company memos having the price changed, or stock prices, income, or expenses changed in a business.
Integrity is a core goal of security. How do we do it? Well, we're going to use cryptographic hashes in order to detect modification. You can even use access control like Windows permissions to stop people from modifying your data. And the other one is availability. You know what comes to my mind with availability? Power outages, hurricanes, and floods. These can take out a system.
An availability issue means the loss of a particular service or system on the network. Now, natural disasters like I mentioned can take out an entire system and cause availability issues, but so can DDoS attacks, the denial-of-service attack, which you'll see me do as we get into the hands-on portion of this course coming up later. So, availability issues: how can we protect against them?
Having redundant systems, redundant power supplies, RAID systems, alternative hot sites or redundant sites in case one site goes down. Now, when it comes to security, there are also other concepts that you guys need to understand: the concept of ensuring that people are logging in, the concept of basic security measures. These are concepts that we're going to be covering in this section, coming up in a few more videos before we get into the actual Security+ objectives. But let's make sure we've got the security basics right now.
2. Identification, Authentication, Authorization, Auditing and Accountability
In this video, we're going to be talking about a concept called I-quad-A. Some people also call this triple A, but there's more to the triple A: it's actually I and four A's; you'll see what I mean. What exactly is the security goal? The security goal is to deter or stop intruders from breaking into our systems and affecting our network. What we want to do is get to the point where, if anyone breaks into our network or commits a crime, we can hold them accountable. In other words, we can prosecute them for the crimes they commit. And this is really what this concept goes into. Throughout this class you're going to learn some amazing things. You're going to see some amazing tools that I'm going to use.
You're going to get some amazing hands-on experience. But we must always keep in the back of our minds that we're doing these things in order to stop a crime, to stop someone from breaking in, or to correct the crime. This concept deals directly with that, because imagine if someone knows that if they try to commit a crime against us, they will be caught, and we have controls in place to hold them accountable for those crimes.
This is where this really comes into play. So I want you to take a look at this: identification, authentication, authorization, auditing, and accountability. Let's put these all into perspective. Identification is the first thing you have to do with subjects on your network. Identification is generally a username, right? Identification is you telling the computer, "Hey, my name is Andrew." Now the computer is like, "Well, prove it. I don't know your name. Okay, it's fine if your name is Andrew, but I don't know if you're Andrew or not." This is authentication. Authentication is proving who you are to that system. So authentication is generally a password. Now, there are different types of authentication factors that identify you and authenticate you at the same time, like biometrics. But generally a username is something public; usernames are not hidden. Notice when you type it, it's actually shown. People can see it.
They stand behind you and see it; it's not a hidden secret. The username is the identification, and the actual password is going to be the authentication. Now, the other thing here is: what do you have access to? This is authorization. When people log into a computer, they need to have certain kinds of access to certain data. This is authorization. So authorization is going to be things such as having access to this folder but not to that folder, the ability to write to this file but not to that file, the ability not to see that folder at all. That's authorization.
The next part of this is auditing. We're going to talk a lot about auditing and log files coming up more towards the end of the class. We want to be able to track what users are doing. We want to be able to say: you logged in at 6:00, you logged out at 6:10, you accessed this file at 6:05. Auditing collects data on what they're doing in the systems. You can't hold someone accountable if you can't prove they accessed the data. And finally, we're going to be able to hold someone accountable for their actions. That way, Jane or Bob can't deny that they stole the data.
So accountability is a big topic we have in our world of information security, because we need to hold users accountable. "Hey, Bob, you stole the data." So Bob is like, "Prove it." I say, "Well, I have the log files of you accessing the data. I know you have access to it, and it was your username and password that accessed it." Now it's going to be hard for Bob to deny this. There is a term that you should know for your exam that's closely related to accountability.
This is called non-repudiation. Non-repudiation is a term that basically specifies that a subject cannot deny that an event has taken place. Okay? The subject cannot deny that an event has taken place. So I'm going to say, "Bob, you stole the data." And Bob is like, "No, it wasn't me." And then I say, "Well, Bob, it was your username. It was your password; it was your account. Only you have your password. You did have access to the file. I have log files of you copying the data."
Now Bob can't deny that he stole the information. Non-repudiation means people can't deny it. For example, if I pick up this great laptop in front of me and run out of the room, and then the company calls the police and says, "Hey, Andrew stole a laptop," the cops come after me and say, "Andrew, you stole a laptop." And I'm like, "No, I didn't." And they're like, "Well, we have camera footage of you doing it." And I'm like, "All right, you got me."
I can't repudiate it now, and I will be held accountable for it because of the camera footage. So a physical security control we can use to provide non-repudiation would be the camera footage. Okay, just a quick concept here. Again, this section is just going through some quick security concepts. Identification: make sure you identify your subject. Make sure you authenticate them. We're going to authorize them to actually access resources. You must audit them. And then, of course, accountability, to ensure that we can hold them accountable for the actions they take on our network.
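As an added example that is not part of the course, here is the audit-to-accountability chain from the Bob story run over a constructed log: each file event is tied to an authenticated session by username, and file activity with no preceding login is reported separately, because the record then cannot prove who did it. The log format and the sample lines are assumptions made for this example.

```python
import re
from datetime import datetime

# Constructed sample audit log (not from the course). Assumed line format:
# "<date> <time> <EVENT> user=<name> [file=<name>]"
SAMPLE_LOG = """\
2024-03-01 06:00:00 LOGIN user=bob
2024-03-01 06:05:00 FILE_READ user=bob file=customer_data.csv
2024-03-01 06:06:00 FILE_COPY user=bob file=customer_data.csv
2024-03-01 06:10:00 LOGOUT user=bob
2024-03-01 06:30:00 LOGIN user=jane
2024-03-01 06:35:00 FILE_READ user=jane file=memo.txt
2024-03-01 07:00:00 FILE_COPY user=mallory file=customer_data.csv
this line is garbage and must be skipped
"""

LINE_RE = re.compile(r"^(\S+ \S+) (\w+) user=(\S+)(?: file=(\S+))?$")


def parse_log(text):
    """Turn raw log text into event dicts; malformed lines are skipped, not guessed at."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ts, event, user, file = m.groups()
        events.append({
            "ts": datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"),
            "event": event,
            "user": user,
            "file": file,
        })
    return events


def accountability_report(events):
    """Attribute every file event to an authenticated session.

    Identification (the username) plus authentication (the LOGIN event) is what
    lets the audit record hold someone accountable. File activity with no open
    session for that user is returned separately: the log cannot prove who did
    it, so it is a gap to investigate rather than evidence against a person.
    """
    open_sessions = {}   # user -> login time
    attributed = []      # (user, file, event, ts) inside a session
    unattributed = []    # file activity with no preceding LOGIN
    for e in sorted(events, key=lambda e: e["ts"]):
        if e["event"] == "LOGIN":
            open_sessions[e["user"]] = e["ts"]
        elif e["event"] == "LOGOUT":
            open_sessions.pop(e["user"], None)
        elif e["file"]:
            record = (e["user"], e["file"], e["event"], e["ts"])
            if e["user"] in open_sessions:
                attributed.append(record)
            else:
                unattributed.append(record)
    return attributed, unattributed


def who_touched(file, events):
    """Users whose authenticated sessions accessed the given file."""
    attributed, _ = accountability_report(events)
    return sorted({u for u, f, _ev, _ts in attributed if f == file})


if __name__ == "__main__":
    evts = parse_log(SAMPLE_LOG)
    attributed, unattributed = accountability_report(evts)
    for user, file, event, ts in attributed:
        print(f"{ts:%H:%M} {user} {event} {file} (in session)")
    for user, file, event, ts in unattributed:
        print(f"{ts:%H:%M} {user} {event} {file} (NO SESSION: cannot attribute)")
    print("touched customer_data.csv:", who_touched("customer_data.csv", evts))
```

The mallory line is the failure mode: a copy with no login behind it is either a log gap or a bypass, and either way the record alone cannot support non-repudiation.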
3. Basic security controls
In this video, I'm going to be talking about basic security controls. Now, if you have taken other certification exams before, you're probably familiar with these; they're just some really basic controls that you should have. I'm doing this video not because this is really on your exam, but because I want everyone on the same page. So don't skip the video.
Watch it through. It's not long, I promise. I'm going to make it quick. So what are some basic security controls you're going to have in your organization? Number one for me is user training. Most malware that enters organizations and affects businesses today is delivered via phishing emails. Train users to detect phishing emails; social engineering methods such as people calling you and asking for information are effectively defeated by good user training.
So make sure to have that. Another thing you're going to have is endpoint protection software, which includes things like malware detection, such as antivirus and anti-malware software; firewalls on servers, on desktops, and on your network; and intrusion detection systems throughout your entire network. You also want to make sure that you have good encryption strategies to encrypt confidential data. Access controls, such as Windows permissions, will also be available to deny Jane but grant Bob, or vice versa.
A lot of those were technical controls. The other controls that you should be familiar with are physical controls that we're going to be implementing in our organization. Physical controls are going to be things like door locks and secure physical environments, locked cabinets, security guards, guard dogs, badges, walls, fences, fire suppression systems, and so on. Those are going to be physical controls within the environment. So notice I mentioned you have these technical controls, such as endpoint protection.
We have user training as well as these physical controls. These are just some generic controls that we should have. Keep in mind the word "control" means something we do to protect our assets; a firewall is a type of control. Okay, so I said it was a quick video. This is all I have to say about this particular one. Let's get into the course right now. Let's go have some fun. I think the next section after this is malware or attacks or something like that. Have some fun in that section, and I'll see you there.
Social engineering techniques
1. Phishing, Smishing, Vishing, Spear phishing, Whaling
In this video, I'm going to be talking about fishing, sword fishing, spearfishing, and whaling—a lot of terms. Let's get started. So I think in today's logical world, if you are a hacker or a pen tester, it's becoming more and more difficult to steal private information. You see, let me explain, and I'm talking technologically speaking. Let me explain. Over the last many years, I would say the last five years or so, banks and health institutions and so on have made it mandatory that users change their passwords periodically and have complex passwords.
You probably went to set up a password at a banking website, and now it's got to be complex; it's got to be uppercase; it's got to be lowercase. And my bank is even making me change it periodically. So it's becoming more and more difficult. If a user has a really complex username and password, it's very difficult to crack. It may not even be worth it. So how do we get this information from the users? And the best way to do it is to mislead them by letting them give you the information in some way or some other. And this brings me to efficient attacks.
So you've probably heard about efficient attacks, and phishing attacks are really famous because what they do is they'll send you an email that looks like it's coming from PayPal. And even though it looks like it's PayPal, it's not actually PayPal, right? It's a fake domain that has a PayPal-looking page on it. And when you click on it, it takes you to it, where you try to log in, and basically captures the information. I'll show you what I mean.
Let me show you guys what this looks like. So I'm going to go here to PayPal. I'm going to go to PayPal, and I'm going to just click on "Login" here. And I was looking at this earlier, and it's a very simple site. So what they do is use something called a web ripper. Web rippers are basically software that downloads this entire site. This would be pretty easy to download. You could probably just save this, and you would probably get all the images.
And then what you do is reconnect it to a fake database and grab people's information. So what they do is send you a link in an email that takes you to a page that looks like this. But there's a way to detect this. You have to look at the URL very carefully. There's really no other way. Sometimes they even have trusted certificates, but sometimes it's not a trusted site. So that's one way of telling that it doesn't have a lock on it. And nowadays, if it doesn't have a lock, it'll probably give you an error there.
So what they do is something like this, right? So they may come back, and they may say it's not PayPal.com. It'll probably look something like this, right? It'll be like PayPal.com or Hackerabcabc.com, right? Yeah. So you notice the real domain is this: It's abc.com, the actual domain. And this is just about subdomains. So there's a.com subdomain. There's a subdomain for PayPal. So when users look at it, they think they're still at PayPal, but they're not at PayPal, they're at ABC.com.
You'll know the URL, because generally, right after the main URL itself, the main domain name will be the actual page, maybe like index HTML.
So what they're doing here is tricking you. This looks like a good link. Tell me something, wouldn't this fool people? Because you'd say, "I'm pretty sure they're not going to be like hacked ABC," right? It's going to be some kind of other domain that looks okay. A lot of people would get caught with this, and before you know it, they're going to be entering their numbers and whatever.
And you could probably just put in a number, here. Let's try this. And people would put this in, and PayPal would try to invalidate it or validate it. So that's basically the concept of phishing attacks. So I give you a link, you click on it, and you give me your information. So on their version of it, they would steal the data as you type it in. How do you solve this? How do you solve phishing attacks? Efficient attacks will steal your passwords.
It'll steal your private information, like Social Security numbers, credit cards, and so on. How do you stop this? User training. You've got to teach your users what I just showed you: how to detect that in the URL. The other term I'd like to mention to you is smishing, spelled S-M-I-S-H-I-N-G. This is when they use SMS text messages in order to send you a link. Now, believe this or not, you are more likely to click on, or, I should say, tap on and respond to, a link in a text message than you are in an actual email. And this is a problem because, you see, we are so used to having junk email that a lot of times we don't read it; we just delete it. But we're probably not used yet to the concept of being approached over text message. So "Chase Bank" sends you a text message with a link that says, Hey, something is wrong with your bank account.
Click this to fix it. People click on it, boom. Same concept. They steal your data. So that's smishing. How do you fix this? User training once again. Now another one is going to be vishing, voice phishing: calling you and asking you for the information, using VoIP, using your phone. This is highly effective: talking to people and getting information out of them. It doesn't have to be VoIP; they can call you on any phone. It's known as voice phishing, though: calling someone up and asking them for information.
Hey, I'm calling from Chase Bank, there's been an issue, or I'm calling from PayPal, there's been an issue with your account. Please provide me a username and password to log in and fix it. Now this can be effective, and they really go after elderly people, or younger people, who just don't have the knowledge or ability to detect this. And remember: they may not be able to get you, but they don't need you. They did 1,000 calls, and they got two people. That's good enough for them.
So their goal is to play a numbers game, and eventually someone will fall for it. So that's voice phishing. How do you fix this? User training. Okay, one way that's highly effective, and it actually caught me once: I actually clicked on a link once. I didn't put in any information, because when I got there I knew. I generally don't click on links, and I'm able to identify these things before I even click on the link. This one was spear phishing. So technically, in the state of America, at my school, we are an accredited school. And I got an email that looked like it came from one of our accrediting bodies. And I don't know how they got my email, to this day, and it looked legit to me.
I didn't read it. I was too excited and very stupid. Without analyzing the link, I just clicked on it, and it took me to a website that I instantly recognized, because I'm a tech person and I knew, okay, this one is just asking for a password. And the moment I looked at the URL, I knew, based on what I showed you just now, that it's not the real one. It wanted me to log in. Spear phishing is when they target you, right? So when you go spearfishing, like actual spearfishing to catch fish in the ocean, you use a spear because it's very precise. Spear phishing is when they target you. They know about you; they have found out information about you.
This is when you're working at a company and your boss sends you an email with his signature. They spoof the email address. They know that person is your boss. They know you work there. They know that's your department. They know you report to this person. And now the boss is telling you to buy something on Amazon or to send them your corporate card or whatever. And before you know it, you're sending this person information or clicking on links you shouldn't be. Spear phishing is known to be highly effective, but it takes a lot of time and effort on the attacker's part to do it.
But it's highly effective. Once again, user training. If you're a hacker or pen tester, you'll also want to do whaling if you want to steal information. You see, whaling is going after the biggest fish in the ocean, also known as the CEO of that business, the managing director, the board of directors, vice presidents, and so on. Going after the biggest fish will give you the most meat, or the most valuable information. That's the objective here. You see, the CEO has access to more information. They have access to more valuable information than a normal user does. So whaling will ensure that when you get access to this information, it's valuable information. So, in other words, fish for the CEO. Forget about the low-level employees. Get to the CEO. Okay, we just learned a lot of things there, right? Phishing, smishing, vishing, spear phishing, and whaling.
How do you protect against all of these things? User training. So let me explain a little bit about this. You have to train your users in order to detect things like I just showed you there, like detecting when a URL is bad or when it's not real. Telling users, telling Bob: don't click on the link, Bob. Telling Bob to verify before clicking on the link by hovering over the link to see what URL it's actually showing.
Telling Bob that if he receives email from someone he doesn't know asking for information, not to proceed, and telling Bob that even if he receives email from someone he knows asking for private information, to verify with that person, and just don't give it out, because sometimes they spoof that person's email. That's spear phishing.
And you especially want to train your executives. You see, training the executives is really important because senior executives are most likely trained in business tactics and business management, and they're not security folks like us, so they don't know these things exist, and they think someone is trying to help them or someone is legitimately trying to give them a million dollars, and before you know it, they steal the company information. So user training is the answer to all of these different types of social engineering attacks.
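The two checks from this lecture, reading which domain a URL really belongs to (the "paypal.com.hackerabcabc.com" subdomain trick) and hovering to compare the shown link text with where the link really goes, as an added example written for this page, not code from the course. The brand table, the sample links and the name check_link are constructed for the example; the "last two labels" domain rule is a simplification, as the comment notes.

```python
from urllib.parse import urlparse

# Constructed sample table for this example: brands a user expects to see
# and the registrable domain each one really uses.
EXPECTED_DOMAINS = {"paypal": "paypal.com", "chase": "chase.com"}


def registrable_domain(hostname: str) -> str:
    """Return the part of a hostname that was actually registered.

    The lecture's point: in "paypal.com.hackerabcabc.com" the real domain
    is hackerabcabc.com, and everything to its left is a subdomain the
    attacker controls. Simplification: this takes the last two labels;
    production code should consult the Public Suffix List so that
    suffixes such as co.uk are handled correctly.
    """
    labels = hostname.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def check_link(href: str, display_text: str = "") -> dict:
    """Apply the lecture's checks: real domain, lock icon, hover text."""
    parsed = urlparse(href)
    host = parsed.hostname or ""
    real = registrable_domain(host)
    findings = []

    # 1. No lock: the page is not served over TLS.
    if parsed.scheme != "https":
        findings.append("not https (no lock icon)")

    # 2. A brand name appears in the host, but the registered domain is
    #    someone else's (the subdomain trick from the demo).
    for brand, expected in EXPECTED_DOMAINS.items():
        if brand in host and real != expected:
            findings.append(f"host mentions {brand} but is registered as {real}")

    # 3. Hover check: the text shown to the user names a different
    #    registered domain than the href really goes to.
    if display_text.startswith(("http://", "https://")):
        shown = registrable_domain(urlparse(display_text).hostname or "")
        if shown != real:
            findings.append(f"link text shows {shown} but goes to {real}")

    return {"host": host, "registrable_domain": real,
            "suspicious": bool(findings), "findings": findings}


if __name__ == "__main__":
    # Constructed sample links; the second is the subdomain trick from the lecture.
    for href, text in [("https://www.paypal.com/signin", "https://www.paypal.com/signin"),
                       ("https://paypal.com.hackerabcabc.com/index.html", "https://www.paypal.com"),
                       ("http://login.paypal.com/", "")]:
        print(check_link(href, text))
```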