Overview

Domain 2 focuses on identifying and understanding the threats and vulnerabilities that affect organizations and the techniques used to mitigate them. At 22% of the exam, it is the second-heaviest domain and requires deep familiarity with specific attack types, vulnerability categories, and mitigation strategies.

Exam Weight

22% — approximately 19-20 questions out of 90.

Topics

| Topic | Note | Key Focus |
|---|---|---|
| Malware Types | malware-types | Viruses, worms, trojans, rootkits, spyware |
| Ransomware | ransomware | Encryption, double extortion, recovery |
| Password Attacks | password-attacks | Brute force, dictionary, rainbow tables, spraying |
| Cryptographic Attacks | cryptographic-attacks | Birthday, downgrade, collision |
| Application Attacks | application-attacks | Buffer overflow, race condition, SSRF |
| Injection Attacks | injection-attacks | SQL injection, LDAP injection, command injection |
| XSS and CSRF | xss-and-csrf | Reflected, stored, DOM-based XSS; CSRF tokens |
| Network Attacks | network-attacks | ARP poisoning, VLAN hopping, rogue devices |
| Denial of Service | denial-of-service | DDoS, amplification, SYN flood |
| DNS Attacks | dns-attacks | DNS poisoning, zone transfer, typosquatting |
| Wireless Attacks | wireless-attacks | Evil twin, deauthentication, WPS attacks |
| On-Path Attacks | on-path-attacks | MITM, SSL stripping, session hijacking |
| Indicators of Compromise | indicators-of-compromise | IOCs, anomalous activity, STIX/TAXII |
| Vulnerability Types | vulnerability-types | Zero-day, misconfiguration, default credentials |
| Mitigation Techniques | mitigation-techniques | Patching, segmentation, hardening |

Cross-Domain Connections