Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

LinkedIn Learning

Threat Modeling: Spoofing In Depth

via LinkedIn Learning

Overview

Learn about one of the key threats to modern systems: spoofing, or authentication attacks. Explore ways that attackers spoof people, machines, file systems, and processes.

Syllabus

Introduction
  • Mitigate spoofing threats
  • Four-question framework
  • Spoofing as a part of STRIDE
1. Authentication Basics
  • Account creation
  • Authentication factors
2. Spoofing Authentication Factors
  • Attacking what you know
  • Attacking what you have
  • Attacking what you are
  • Attacking where you are
  • Attacking who you know
  • Attacking phone authentication
3. Spoofing Hosts
  • Spoofing a host
  • Advanced host spoofing
  • Spoofing the OSI model
  • What you know in host spoofing
  • Spoofing TLS
4. Spoofing People
  • Spoofing a specific person in email
  • Spoofing a person on a website
  • Spoofing a person in video and audio
5. Spoofing Files
  • The nature of "open" and paths
  • Libraries (LD_PATH, %Downloads%)
  • Defenses with extra fail
Conclusion
  • Next steps

Taught by

Adam Shostack

Reviews

4.7 rating at LinkedIn Learning based on 425 ratings

Start your review of Threat Modeling: Spoofing In Depth

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.