Understand the propagation techniques used by viruses. File Inflection, service injection, boot sector infection, macro infection.
Most antivirus programs use signature-based detection algorithms to look for telltale patterns of known viruses. It’s essential to update virus definition files in order to maintain protection against newly authored viruses as they emerge.
Passwords are the most common access control mechanism in use today and it is essential that you understand how to protect against attackers who seek to undermine their security. Understand password crackers, dictionary attacks and social engineering and how they are used to defeat password security.
Application attacks are one of the greatest threats to modern computing. Attackers exploit buffer overflows, trap doors, time of check to time of use vulnerabilities and rootkits to gain illegitimate access to a system.
As applications move to the web, developers and security professionals must understand the new types of attacks that exist in this environment and how to protect against them. The most common are xss and sql injection attacks.
Before launching an attack, attackers use IP sweeps to search out active hosts on a network, then port scan, then vulnerability probe which they attack weaknesses found. Understand these attacks to limit the amount of information an attacker can get.