Did you know Cybrary's video training is FREE? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.
This section is devoted to discussing the major types of network security threats. There are so many of them that we can only touch on the major types in this video. Just be aware that this topic is a very testable one on the CISSP exam! Some of the common attacks covered in this section are viruses, worms, logic bombs, and Trojans. A virus is malicious code that requires an action on the part of a user in order to spread. Examples are opening a malicious email attachment or running a malicious script such as a vbscript used in an MS Office document. A worm is similar to a virus but doesn't require a host. It is also self-replicating which means that no user action is required to spread it. A logic bomb is malicious code that lays dormant until a logical event occurs such as the addition or removal of a particular record from a database. Trojans are malicious payloads disguised within benign appearing files. They are a common means for distributing back door exploits where remote attackers gain access to a network or system. Other threats mentioned in this video have some rather strange-sounding names: salami attack, data diddling, Fraggle, Bonk, and Smurf attack. It should be noted that as in previous sections, you should understand the OSI layer associated with common threats as well as the mitigating strategy for dealing with the threat. The more of these types of threats that you at least have an awareness of, the better prepared you'll be for the exam and perhaps more importantly, the better armed you'll be for real world threat situations!