SY0-701 Study Notes
Search
Search
Dark mode
Light mode
Explorer
Home
❯
Domain 2: Threats, Vulnerabilities & Mitigations
❯
concepts
Folder: domain-2-threats-vulnerabilities/concepts
139 items under this folder.
Mar 20, 2026
Access control lists (ACLs)
domain/2
type/sub-topic
Mar 20, 2026
Account indicators
domain/2
type/sub-topic
Mar 20, 2026
Amplification attack
domain/2
type/sub-topic
Mar 20, 2026
Amplification/Reflection
domain/2
type/sub-topic
Mar 20, 2026
API attacks
domain/2
type/sub-topic
Mar 20, 2026
Application allowlisting
domain/2
type/sub-topic
Mar 20, 2026
Application-layer attacks
domain/2
type/sub-topic
Mar 20, 2026
ARP spoofing/poisoning
domain/2
type/sub-topic
Mar 20, 2026
Behavioral indicators
domain/2
type/sub-topic
Mar 20, 2026
Birthday attack
domain/2
type/sub-topic
Mar 20, 2026
Blind SQL injection
domain/2
type/sub-topic
Mar 20, 2026
Bluetooth attacks
domain/2
type/sub-topic
Mar 20, 2026
Botnet
domain/2
type/sub-topic
Mar 20, 2026
Brute force
domain/2
type/sub-topic
Mar 20, 2026
Buffer overflow
domain/2
type/sub-topic
Mar 20, 2026
Chosen plaintext/ciphertext attack
domain/2
type/sub-topic
Mar 20, 2026
Collision attack
domain/2
type/sub-topic
Mar 20, 2026
Command injection (OS injection)
domain/2
type/sub-topic
Mar 20, 2026
Common delivery methods
domain/2
type/sub-topic
Mar 20, 2026
Compensating controls
domain/2
type/sub-topic
Mar 20, 2026
Credential stuffing
domain/2
type/sub-topic
Mar 20, 2026
Cryptocurrency payment
domain/2
type/sub-topic
Mar 20, 2026
Deauthentication attack
domain/2
type/sub-topic
Mar 20, 2026
Decommissioning
domain/2
type/sub-topic
Mar 20, 2026
Default credentials
domain/2
type/sub-topic
Mar 20, 2026
Defenses
domain/2
type/sub-topic
Mar 20, 2026
Deprecated algorithms
domain/2
type/sub-topic
Mar 20, 2026
Dictionary attack
domain/2
type/sub-topic
Mar 20, 2026
Directory traversal
domain/2
type/sub-topic
Mar 20, 2026
DLL injection
domain/2
type/sub-topic
Mar 20, 2026
DNS amplification
domain/2
type/sub-topic
Mar 20, 2026
DNS hijacking
domain/2
type/sub-topic
Mar 20, 2026
DNS over HTTPS (DoH) / DNS over TLS (DoT)
domain/2
type/sub-topic
Mar 20, 2026
DNS poisoning / DNS cache poisoning
domain/2
type/sub-topic
Mar 20, 2026
DNS spoofing
domain/2
type/sub-topic
Mar 20, 2026
DNS tunneling
domain/2
type/sub-topic
Mar 20, 2026
DNSSEC (DNS Security Extensions)
domain/2
type/sub-topic
Mar 20, 2026
DOM-based XSS
domain/2
type/sub-topic
Mar 20, 2026
Domain hijacking
domain/2
type/sub-topic
Mar 20, 2026
Double extortion
domain/2
type/sub-topic
Mar 20, 2026
Downgrade attack
domain/2
type/sub-topic
Mar 20, 2026
Email indicators
domain/2
type/sub-topic
Mar 20, 2026
Encryption-based ransomware
domain/2
type/sub-topic
Mar 20, 2026
Encryption
domain/2
type/sub-topic
Mar 20, 2026
Evil twin
domain/2
type/sub-topic
Mar 20, 2026
CSRF Example
domain/2
type/sub-topic
Mar 20, 2026
False positives
domain/2
type/sub-topic
Mar 20, 2026
File-based indicators
domain/2
type/sub-topic
Mar 20, 2026
Fileless malware
domain/2
type/sub-topic
Mar 20, 2026
Hardware vulnerabilities
domain/2
type/sub-topic
Mar 20, 2026
Host-based indicators
domain/2
type/sub-topic
Mar 20, 2026
HTML injection
domain/2
type/sub-topic
Mar 20, 2026
HTTPS spoofing
domain/2
type/sub-topic
Mar 20, 2026
Human factors
domain/2
type/sub-topic
Mar 20, 2026
Hybrid attack
domain/2
type/sub-topic
Mar 20, 2026
Impact
domain/2
type/sub-topic
Mar 20, 2026
Indicators of Attack (IoA)
domain/2
type/sub-topic
Mar 20, 2026
Input validation
domain/2
type/sub-topic
Mar 20, 2026
Insecure protocols
domain/2
type/sub-topic
Mar 20, 2026
Integer overflow
domain/2
type/sub-topic
Mar 20, 2026
IP spoofing
domain/2
type/sub-topic
Mar 20, 2026
Jamming
domain/2
type/sub-topic
Mar 20, 2026
Kerberoasting
domain/2
type/sub-topic
Mar 20, 2026
Key stretching
domain/2
type/sub-topic
Mar 20, 2026
Keylogger
domain/2
type/sub-topic
Mar 20, 2026
Keylogging
domain/2
type/sub-topic
Mar 20, 2026
Known plaintext attack
domain/2
type/sub-topic
Mar 20, 2026
KRACK (Key Reinstallation Attack)
domain/2
type/sub-topic
Mar 20, 2026
Lateral movement
domain/2
type/sub-topic
Mar 20, 2026
LDAP injection
domain/2
type/sub-topic
Mar 20, 2026
Locker ransomware
domain/2
type/sub-topic
Mar 20, 2026
Logic bomb
domain/2
type/sub-topic
Mar 20, 2026
MAC flooding
domain/2
type/sub-topic
Mar 20, 2026
Man-in-the-Browser (MitB)
domain/2
type/sub-topic
Mar 20, 2026
CSRF Mechanism
domain/2
type/sub-topic
Mar 20, 2026
Memory vulnerabilities
domain/2
type/sub-topic
Mar 20, 2026
Metamorphic malware
domain/2
type/sub-topic
Mar 20, 2026
Misconfigurations
domain/2
type/sub-topic
Mar 20, 2026
Network-based indicators
domain/2
type/sub-topic
Mar 20, 2026
Network segmentation
domain/2
type/sub-topic
Mar 20, 2026
NFC attacks
domain/2
type/sub-topic
Mar 20, 2026
Notable examples
domain/2
type/sub-topic
Mar 20, 2026
Parameterized queries / Prepared statements
domain/2
type/sub-topic
Mar 20, 2026
Pass-the-hash
domain/2
type/sub-topic
Mar 20, 2026
Password spraying
domain/2
type/sub-topic
Mar 20, 2026
Patching
domain/2
type/sub-topic
Mar 20, 2026
Polymorphic malware
domain/2
type/sub-topic
Mar 20, 2026
Port scanning
domain/2
type/sub-topic
Mar 20, 2026
Potentially Unwanted Programs (PUPs)
domain/2
type/sub-topic
Mar 20, 2026
Privilege escalation
domain/2
type/sub-topic
Mar 20, 2026
Protocol attacks
domain/2
type/sub-topic
Mar 20, 2026
Quantum computing threat
domain/2
type/sub-topic
Mar 20, 2026
Race condition / TOCTOU
domain/2
type/sub-topic
Mar 20, 2026
Race conditions
domain/2
type/sub-topic
Mar 20, 2026
Rainbow table attack
domain/2
type/sub-topic
Mar 20, 2026
Ransomware-as-a-Service (RaaS)
domain/2
type/sub-topic
Mar 20, 2026
RAT (Remote Access Trojan)
domain/2
type/sub-topic
Mar 20, 2026
Reflected XSS
domain/2
type/sub-topic
Mar 20, 2026
Relay attacks
domain/2
type/sub-topic
Mar 20, 2026
Replay attack
domain/2
type/sub-topic
Mar 20, 2026
Resource exhaustion
domain/2
type/sub-topic
Mar 20, 2026
RFID cloning
domain/2
type/sub-topic
Mar 20, 2026
Rogue access point
domain/2
type/sub-topic
Mar 20, 2026
Rogue DHCP server
domain/2
type/sub-topic
Mar 20, 2026
Rootkit
domain/2
type/sub-topic
Mar 20, 2026
Salting
domain/2
type/sub-topic
Mar 20, 2026
Security awareness training
domain/2
type/sub-topic
Mar 20, 2026
Security baselines and hardening
domain/2
type/sub-topic
Mar 20, 2026
Server-Side Request Forgery (SSRF)
domain/2
type/sub-topic
Mar 20, 2026
Session hijacking
domain/2
type/sub-topic
Mar 20, 2026
Session replay
domain/2
type/sub-topic
Mar 20, 2026
Shoulder surfing
domain/2
type/sub-topic
Mar 20, 2026
Side-channel attacks
domain/2
type/sub-topic
Mar 20, 2026
Slowloris
domain/2
type/sub-topic
Mar 20, 2026
Smurf attack
domain/2
type/sub-topic
Mar 20, 2026
Spyware
domain/2
type/sub-topic
Mar 20, 2026
SQL injection (SQLi)
domain/2
type/sub-topic
Mar 20, 2026
SSL/TLS interception (SSL proxy)
domain/2
type/sub-topic
Mar 20, 2026
SSL/TLS stripping
domain/2
type/sub-topic
Mar 20, 2026
STIX/TAXII
domain/2
type/sub-topic
Mar 20, 2026
Stored (Persistent) XSS
domain/2
type/sub-topic
Mar 20, 2026
Stored procedures
domain/2
type/sub-topic
Mar 20, 2026
SYN flood
domain/2
type/sub-topic
Mar 20, 2026
Third-party/supply chain risks
domain/2
type/sub-topic
Mar 20, 2026
Threat feeds
domain/2
type/sub-topic
Mar 20, 2026
Triple extortion
domain/2
type/sub-topic
Mar 20, 2026
Trojan
domain/2
type/sub-topic
Mar 20, 2026
Typosquatting / URL hijacking
domain/2
type/sub-topic
Mar 20, 2026
Unpatched software
domain/2
type/sub-topic
Mar 20, 2026
Virus
domain/2
type/sub-topic
Mar 20, 2026
VLAN hopping
domain/2
type/sub-topic
Mar 20, 2026
Volumetric attacks
domain/2
type/sub-topic
Mar 20, 2026
War driving
domain/2
type/sub-topic
Mar 20, 2026
Weak encryption
domain/2
type/sub-topic
Mar 20, 2026
Worm
domain/2
type/sub-topic
Mar 20, 2026
WPA/WPA2 handshake capture
domain/2
type/sub-topic
Mar 20, 2026
WPS attacks
domain/2
type/sub-topic
Mar 20, 2026
XML injection / XXE
domain/2
type/sub-topic
Mar 20, 2026
Zero-day vulnerabilities
domain/2
type/sub-topic