docker.tar.gz

network-commands

node

It seems like hardly a week goes by without a high-profile computer breach. Why do these happen? How can you prevent them? This course doesn’t have all the answers, but it does outline practices that make life harder for attackers and that will help tide you over until you get a full-time security team in place.

In this course, you will learn 5 simple, yet effective, techniques for preventing attackers from getting into your system. These techniques are related to: patching, software vulnerabilities, cryptography, windows security, and phishing. Within each chapter you will learn the best practices for preventing vulnerabilities and how to make them more detectable. 

This course is based on the Pragmatic Programmers’ book, Practical Security, and is aimed at developers, admins, team leads, architects, technology generalists, and all others who stand guard against the things that disrupt the network.

Practical Security: Simple Practices for Defending Your Systems

## What is phishing?
Phishing is the first attack we’ve covered that attacks the user instead of the software. In a phishing attack, the attacker sends an email to the victim and tricks the victim into doing something the attacker wants them to do-generally, reveal their login credentials. Once an attacker has the victim’s credentials, they are no longer impeded by the defenses that we’ve carefully built up over the previous chapters.

 No need for an attacker to look for unpatched servers, weak cryptography, or SQL injection if they can just log in and use the system as a legitimate user. It sounds simple, and it is technologically simpler than the attacks we’ve covered so far, but there’s no prize for complexity. Phishing continues to be a problem because it continues to be effective.



 <font size="6">  &nbsp; &nbsp;  &nbsp; &nbsp;&nbsp;  &nbsp; &nbsp;   &nbsp;  &nbsp;   &nbsp;   &nbsp; &nbsp; &nbsp; &nbsp;       &nbsp;  &nbsp;  &nbsp; &nbsp;&nbsp;   &nbsp; &nbsp; &nbsp;   &nbsp; &nbsp; &nbsp;&nbsp;  **Q U I Z**  &nbsp;   </font> 

# What is phishing?
Phishing is the first attack we’ve covered that attacks the user instead of the software. In a phishing attack, the attacker sends an email to the victim and tricks the victim into doing something the attacker wants them to do-generally, reveal their login credentials. Once an attacker has the victim’s credentials, they are no longer impeded by the defenses that we’ve carefully built up over the previous chapters.

 No need for an attacker to look for unpatched servers, weak cryptography, or SQL injection if they can just log in and use the system as a legitimate user. It sounds simple, and it is technologically simpler than the attacks we’ve covered so far, but there’s no prize for complexity. Phishing continues to be a problem because it continues to be effective.



 <font size="6">  &nbsp; &nbsp;  &nbsp; &nbsp;&nbsp;  &nbsp; &nbsp;   &nbsp;  &nbsp;   &nbsp;   &nbsp; &nbsp; &nbsp; &nbsp;       &nbsp;  &nbsp;  &nbsp; &nbsp;&nbsp;   &nbsp; &nbsp; &nbsp;   &nbsp; &nbsp; &nbsp;&nbsp;  **Q U I Z**  &nbsp;   </font> 

Let's kick this chapter off with an introduction to phishing.

Introduction

Patching

Vulnerabilities

Cryptography

Windows

Phishing

Introduction

What is phishing?