Systems and Application Security - Identify and Analyze Malicious Code and Activity | Coursera

Systems and Application Security

Video placeholder

Loading...

ISC2

Systems and Application Security

4.8 (145 ratings)

|

4.7K Students Enrolled

Enroll for Free

Welcome to Systems and Application Security Course! In the Systems and Application Security Course, you will gain an understanding of computer code that can be described as harmful or malicious. Both technical and non-technical attacks will be discussed. You will learn how an organization can protect itself from these attacks. You will learn concepts in endpoint device security, cloud infrastructure security, securing big data systems, and securing virtual environments. Objectives 1. Identify malicious code activity 2. Describe malicious code and the various countermeasures 3. Describe the processes for operating endpoint device security 4. Define mobile device management processes 5. Describe the process for configuring cloud security 6. Explain the process for securing big data systems 7. Summarize the process for securing virtual environments

Reviews

4.8 (145 ratings)

5 stars
83.44%
4 stars
13.10%
3 stars
2.75%
1 star
0.68%

RT

Jun 11, 2020

This was an excellent course. I recommend anyone take it that is in the security support role.

GB

Jul 4, 2018

Thank you. Great course. The instructor breaks everything down, and makes it easy to learn.

From the lesson

Identify and Analyze Malicious Code and Activity

Module Topics: Malicious Code, Malicious Code Countermeasures, Exploitation, Insider Threats, Spoofing, Phishing, Spam, and Botnet, Malicious Web Activity, Payloads, Malicious Activity Countermeasures, Malcode Mitigation, and Common Mistakes. Malicious Code includes topics like Key concepts, Example Worms, Polymorphic Viruses, Software Exploitation Methods, Scanners, Generations of Antivirus Scanning Software, Generic Decryption (GD) Technology, Behavior-Blocking Software, Antivirus Software on the Firewall and IDS, Code signing, Code Signing Certificates, Sandboxing, Virtual Machine (VM), Social Engineering, Additional Examples of Social Engineering Attacks, and Security Awareness Training. Under the topic of Exploitation, you will learn about Long File Extensions, Fake Icon, Hostile Codecs, and E-mail. In Insider Threats, you will learn about Indicators of Malicious Threat Activity, Countermeasures, Direction, Prevention, and Deterrence Methods, Continual Training, and Insider Hardware Threats. In Spoofing, Phishing, Spam, and Botnets, you will learn about Spoofing, Examples of Spoofing, Phishing, Common Characteristics of Forged E-Mail Messages, Techniques, How Phishing Works, Impact of Phishing, How to Recognize a Phishing E-Mail, Spam, Spam Distribution Channels, How Does Spam Work?, Spam Techniques, Protecting users From Spam, Botnets, How Are Botnets Created?, Botnet-Led Exploits, Botnet Detection and Mitigation, Common Botnet Detection and Mitigation Techniques. In Malicious Web Activity, you will go through topics like Mobomarket Attack, Cross-site Scripting (XSS) Attacks, The Theory of XSS, XSS Attack Vectors, Is the Organization's Site Vulnerable to Cross-Site Scripting? Example of a Cross-Site Scripting Attack, How to check for Cross-Site Scripting Vulnerabilities, Zero-Day Exploits and Advanced Persistent Threats (APTS), Unknown Vulnerabilities management Process, Five Phases of APT, Brute-Force Attacks, Instant Messaging, Infected Factory Builds and Media, man-in-the-Middle Malcode, Malicious Activity Countermeasures, Network Layer, Application Layer, Modified Hosts File and DNS Changes, Inspection of Process, Rootkit, Rootkit Classifications, Behavioral Analysis of Malcode, and Static File Analysis.

Systems and Application Security6:07

Taught By

(ISC)² Education & Training

Try the Course for Free

Explore our Catalog

Join for free and get personalized recommendations, updates and offers.