CompTIA Security+ SY0-601 Cert Guide, 5th Edition

Chapter 6

Understanding the Security Concerns Associated with Various Types of Vulnerabilities

This chapter covers the following topics related to Objective 1.6 (Explain the security concerns associated with various types of vulnerabilities) of the CompTIA Security+ SY0-601 certification exam:

Cloud-based vs. on-premises vulnerabilities
Zero-day
Weak configurations
- Open permissions
- Unsecure root accounts
- Errors
- Weak encryption
- Unsecure protocols
- Default settings
- Open ports and services
Third-party risks
- Vendor management
  - System integration
  - Lack of vendor support
- Supply chain
- Outsourced code development
- Data storage
- Improper or weak patch management
  - Firmware
  - Operating system (OS)
  - Applications
- Legacy platforms
- Impacts
  - Data loss
  - Data breaches ...

Get CompTIA Security+ SY0-601 Cert Guide, 5th Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

CompTIA Security+ SY0-601 Cert Guide, 5th Edition by Omar Santos, Ron Taylor, Joseph Mlodzianowski

Chapter 6

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly