CySA+

1.5 Explain the threats and vulnerabilities associated with specialised technology

  • Mobile: malware; unpatched devices; jailbreaking; data leaks; OS vulnerabilities

  • IoT: weak passwords; insecure services; lack of security updates; use of outdated components; insecure data transfer/storage; lack of secure/physical device management

  • Embedded: programming errors; web vulnerabilities; weak access control/authentication

  • RTOS: RCE; DoS; information leak; improper access control

  • SoC: low-level hardware bugs (boot header modification; partition header table parsing)

  • FPGA: fault injection; hardware trojans; design leaks; foundry fabrication

  • Physical access control: insufficient access control; lack of training; unattended assets

  • Building automation systems: hardcoded secrets; buffer overflow (BOF); XSS; path traversal; auth bypass

  • Vehicles and drones:

    • CAN bus: DoS; unauthorized remote access

  • Workflow and process automation systems: third-party platform vulnerabilities; IAM issues

  • ICS: improper credentials management; weak firewall rules; network design weaknesses

  • SCADA:

    • Modbus: plaintext transmission; no authentication; command injection; weak sessions


Last updated 2 years ago