When will I have access to the lectures and assignments?

To access the course materials, assignments and to earn a Certificate, you will need to purchase the Certificate experience when you enroll in a course. You can try a Free Trial instead, or apply for Financial Aid. The course may offer 'Full Course, No Certificate' instead. This option lets you see all course materials, submit required assessments, and get a final grade. This also means that you will not be able to purchase a Certificate experience.

What will I get if I subscribe to this Specialization?

When you enroll in the course, you get access to all of the courses in the Specialization, and you earn a certificate when you complete the work. Your electronic Certificate will be added to your Accomplishments page - from there, you can print your Certificate or add it to your LinkedIn profile.

Is financial aid available?

Yes. In select learning programs, you can apply for financial aid or a scholarship if you can’t afford the enrollment fee. If fin aid or scholarship is available for your learning program selection, you’ll find a link to apply on the description page.

CyberSec First Responder – Advanced (CFR-A): Attack

This course is part of CyberSec First Responder – Advanced (CFR-A): Exam CFA-110 Specialization

Instructor: Bill Rosenthal

Included with

Learn more

4 modules

Gain insight into a topic and learn the fundamentals.

2 weeks to complete

at 10 hours a week

Flexible schedule

Learn at your own pace

4 modules

Gain insight into a topic and learn the fundamentals.

2 weeks to complete

at 10 hours a week

Flexible schedule

Learn at your own pace

What you'll learn

In this course, you will get oriented to your tools and environment, exploit vulnerabilities in software, and exploit vulnerabilities in systems.

Skills you'll gain

Tools you'll learn

Details to know

Shareable certificate

Add to your LinkedIn profile

See how employees at top companies are mastering in-demand skills

Learn more about Coursera for Business

logos of Petrobras, TATA, Danone, Capgemini, P&G and L'Oreal

Build your subject-matter expertise

This course is part of the CyberSec First Responder – Advanced (CFR-A): Exam CFA-110 Specialization

When you enroll in this course, you'll also be enrolled in this Specialization.

Learn new concepts from industry experts
Gain a foundational understanding of a subject or tool
Develop job-relevant skills with hands-on projects
Earn a shareable career certificate

There are 4 modules in this course

This course will be useful to anyone who is an experienced cybersecurity practitioner and would like to take their skills to the next level. You will begin a multi-stage process by performing reconnaissance and simulating an attack using Metasploit. You'll then exploit code-execution, injection, and web-app vulnerabilities. Lastly, you'll exploit access, network, data, and file-configuration vulnerabilities. These all contribute to the first stage of the overall CFR-A program: Attack.

Module details

Whether you're thinking like an attacker or a defender, it's always good to start by knowing what you're up against. This first lesson will ensure you're suitably acquainted with the systems and software that comprise the overall class environment. You'll also become more familiar with the role(s) each system or software plays throughout the course, as well as your initial role as a threat actor.

What's included

1 reading6 plugins

In this lesson, you'll conduct a simulated attack campaign by focusing on exploiting flaws in software. You'll execute different types of attacks on different types of software to see how these flaws can lead to significant compromise.

What's included

4 plugins

Your simulated attack campaign will continue and eventually conclude with this lesson, which shifts the focus from exploiting software vulnerabilities to exploiting flaws in systems. These flaws exist regardless of how up to date or regularly patched the organization's software is, so attackers won't hesitate to use them as a vector if the software-based attacks prove ineffective.