Attacks, Threats, and Vulnerabilities

Question 1

Phishing

Question 2

Smishing

Question 3

Vishing

Question 4

Spam

Question 5

Spim

Question 6

Spear phishing

Question 7

Dumpster diving

Question 8

Shoulder surfing

Question 9

Pharming

Question 10

Tailgating

Question 11

Eliciting information

Question 12

Whaling

Question 13

Prepending

Question 14

Identity fraud

Question 15

Invoice scams

Question 16

Credential harvesting

Question 17

Reconnaissance

Question 18

Hoax

Question 19

Impersonation

Question 20

Watering hole attack

Question 21

Typosquatting

Question 22

Pretexting

Question 23

Influence campaign

Question 24

Hybrid warfare

Question 25

Authority

Question 26

Intimidation

Question 27

Consensus

Question 28

Scarcity

Question 29

Familiarity

Question 30

Trust

Question 31

Urgency

Question 32

Ransomware

Question 33

Trojans

Question 34

Worms

Question 35

PUPs

Question 36

Fileless virus

Question 37

Command and control

Question 38

Bots

Question 39

Cryptomalware

Question 40

Logic bombs

Question 41

Spyware

Question 42

Keyloggers

Question 43

RAT

Question 44

Rootkit

Question 45

Backdoor

Question 46

Spraying (password attack)

Question 47

Dictionary (password attack)

Question 48

Brute Force (password attack)

Question 49

Rainbow table (password attack)

Question 50

Plaintext/Unencrypted (password attack)

Question 51

Malicious USB cable

Question 52

Malicious flash drive

Question 53

Card cloning

Question 54

Skimming

Question 55

Adversarial AI

Question 56

Supply-chain attacks

Question 57

Cloud based vs On-premises attacks

Question 58

Birthday (Cryptographic attack)

Question 59

Collision (Cryptographic attack)

Question 60

Downgrade (Cryptographic attack)

Question 61

Privilege escalation

Question 62

Cross-site scripting

Question 63

SQL injection

Question 64

DLL injection

Question 65

LDAP injection

Question 66

XML injection

Question 67

Pointer/object dereference

Question 68

Directory traversal

Question 69

Buffer overflows

Question 70

Race conditions

Question 71

Error handling

Question 72

Improper input handling

Question 73

Replay attack

Question 74

Integer overflow

Question 75

Request forgeries

Question 76

API attacks

Question 77

Resource exhaustion

Question 78

Memory leak

Question 79

SSL stripping

Question 80

Shimming (Driver manipulation)

Question 81

Refactoring (Driver manipulation)

Question 82

Pass the hash

Question 83

Evil twin (wireless)

Question 84

Rogue AP

Question 85

Bluesnarfing

Question 86

Bluejacking

Question 87

Disassociation

Question 88

Jamming

Question 89

RFID

Question 90

NFC

Question 91

IV

Question 92

On-path attack

Question 93

ARP poisoning

Question 94

MAC flooding

Question 95

MAC cloning

Question 96

Domain hijacking

Question 97

DNS poisoning

Question 98

URL redirection

Question 99

Domain reputation

Question 100

DDoS

Question 101

Malicious code or script execution

Question 102

APT

Question 103

Insider threat

Question 104

State actor

Question 105

Hacktivist

Question 106

Script kiddies

Question 107

Criminal syndicates

Question 108

Hackers

Question 109

Shadow IT

Question 110

Competitors

Question 111

Direct access (vector)

Question 112

Wireless (vector)

Question 113

Email (vector)

Question 114

Supply chain (vector)

Question 115

Social media (vector)

Question 116

Removeable media (vector)

Question 117

Cloud (vector)

Question 118

OSINT

Question 119

Closed/proprietary threat intelligence

Question 120

Vulnerability databases

Question 121

Public/private info-sharing centers

Question 122

Dark web

Question 123

Indicators of compromise

Question 124

AIS

Question 125

Predictive analysis

Question 126

Threat map

Question 127

File/code repository

Question 128

Threat hunting

Question 129

Vulnerability scans

Question 130

Syslog/SIEM

Question 131

SOAR

Question 132

Pentesting

Question 133

Passive/active reconnaissance

Question 134

Exercise types