Common Threat Vector 2.2

Question 1

Threat Vector

Answer 1

• Method used by the attacker

Question 2

Attack Vector

Answer 2

• A way attackers can gain access to a system or infect an intended target.

Question 3

Message Based Vectors

Answer 3

• One of the biggest, and most successful threat vectors.

Question 4

Messaged Based Vector - Email

Answer 4

• Attackers can send malicious links in an email.

Question 5

Message Based Vector - SMS (Short Message Service)

Answer 5

• Attackers performed via text message.
• Sending malicious links

Question 6

Phishing

Answer 6

• A type of social engineering attack.
• Attacker attempts to obtain sensitive information from users by masquerading as a trusted entity.
• Encourages recipients to go to a website that appears reputable

Question 7

Imaged-based Vectors

Answer 7

• More difficult to identify the threat in an image.

Question 8

Formats of Image-Based Vectors

Answer 8

• Scalable Vector Graphic format (SVG)
• Extensible Markup Language (XML)

Question 9

Vishing

Answer 9

• Using voice communication technology to obtain a victim’s information.
• Takes advantage of the trust in the telephone network.

Question 10

Malicious Flash Drive

Answer 10

• The attacker leaves tainted USB devices for people to pick up and use.
• User plugs the USB into their device then an automates the attack.
• Can act as a keyboards.

Question 11

Client Based Software Vector

Answer 11

• Infected executable
• Known (or unknown) vulnerabilities
• May require constant updates

Question 12

Agentless System

Answer 12

• To access the intended software connect to a separate system.
• Common with web based applications or products.
• Compromises the server which affects all users on the system.

Question 13

Unsupported Systems Vectors

Answer 13

• Outdated software that is no longer supported and can’t be patched
• Can be a single entry for a vector attack

Question 14

Unsecure Network Vectors

Answer 14

• A company’s network connects everything.
• The attacker no longer needs direct physical access.

Question 15

802.1X

Answer 15

• Authentication standard that supports port-based authentication services between a user and an authorization device.
• Commonly used on wireless access point.

Question 16

Open Ports and Services

Answer 16

• Every open port is an opportunity for the attacker.
• Services on machines are accessed through TCP or UDP ports.

Question 17

Firewall Rules

Answer 17

• Any service not being used should be disabled.
• Ports should be blocked by the firewall.

Question 18

Weak Configurations

Answer 18

• Most devices have default usernames and passwords which must be changed upon receiving the device.
• Correct credentials provide full control.

Question 19

Supply Chain Vectors

Answer 19

• Involves using a company’s supply chain as an unwitting agent in an attack.
• Tampering with the underlying infrastructure or manufacturing process.

Question 20

Managed Service Provider (MSP)

Answer 20

• Company that remotely manages a customer’s IT infrastructure.
• If an attacker gains access to the MSP, they can gain access to a system.