In this video, we begin by exploring application and wireless attacks. The video opens with a discussion of wireless attacks, including rouge access points, jamming and interference, evil twin, Bluetooth attack (bluejacking, bluesnarfing, and bluebugging), and war chalking and war driving. We also cover attacks against encryption, including IV attacks, WEB/WPA attacks, and WPS attacks. For the Security+ exam, you will be expected to be able to explain these types of attacks.
The next part of the video presents application attacks, beginning with cross-site scripting. Injection attacks follows, including SQL, LDAP, XML, and directory traversal/command injections. Overflow attacks, including buffer and integer, are presented. The category of zero-day attacks are defined. The video continues with cookies, malicious add-ons, and session hijacking. The Security+ exam expects you to be able to explain these types of application attacks.