Domain 2: Explain common threat vectors and attack surfaces Flashcards

1
Q

SMS phishing (smishing)

A

SMS phishing (smishing) uses text messages to deceive users into revealing personal information or downloading malicious attachments. The seemingly harmless SMS that arrives on your phone could hold the key to a breach.

2
Q

IM vulnerabilities

A

IM vulnerabilities range from the distribution of malware-laden attachments to socially engineered messages that coax users into clicking malicious links.

3
Q

Client-based scanning

A

Client-based scanning (in which an agent resides on each host) operates as a tool for automating vulnerability discovery and classification, efficiently reporting to a central management server.

4
Q

Agentless scanning

A

Agentless scanning, which is the preferred method for threat actors during reconnaissance, is employed to scan hosts without requiring any installation on them. Examples of agentless scanning tools are Nmap and Wireshark.

5
Q

Issues with Wireless networks

A

A wireless network using open system authentication lacks encryption. This means that any data exchanged between a guest’s device and a hotel’s network.

6
Q

Ways to protect wireless networks

A

Strategies to protect wireless networks include using encryption and disabling the broadcast of the service set identifier (SSID), which acts as the network’s name. By disabling this broadcast, network administrators obscure the network’s presence, making it less visible to casual attackers. Another option is MAC filtering, which secures the network by ensuring that only an approved user’s MAC address is added to the wireless access point.

7
Q

Wired Networks

A

Wired networks, which are often used by companies that rely on connectivity, harbor risks when left unsecured. Without proper encryption and access controls, unauthorized physical access to network ports can lead to data breaches and malware attacks. To preserve the integrity and reliability of these networks, implementing stringent access controls, encryption protocols, and consistent security assessments is crucial. We should also remove the patch cables for ports that are not being used.

8
Q

Bluetooth

A

A personal area network (PAN) is a Bluetooth network. Bluetooth features, such as easy pairing, can open the door to security breaches. While designed to simplify device connections, they can also inadvertently allow unauthorized access when left unchecked. To mitigate these risks, users must adopt a proactive stance by enabling Bluetooth only when actively needed to reduce the window of vulnerability. This simple step prevents devices from continuously broadcasting their presence and limits the opportunity for attackers to exploit easy pairing. Additionally, users should regularly update their devices with the latest security patches to close any potential vulnerabilities.

9
Q

Supply Chain

A

A supply chain is the transformation of raw materials into finished products and making them available to consumers.

10
Q

Managed service providers

A

An MSP is a third-party organization that fulfills all of a company’s IT needs. A single compromise within an MSP’s infrastructure can ripple across multiple clients, leading to cascading breaches. To mitigate this risk, organizations should demand stringent security standards from their MSPs, including regular audits, robust access controls, and a commitment to promptly patch any vulnerabilities.

11
Q

Vendor risks

A

The relationships between organizations and their vendors often involve the sharing of sensitive information. Yet, vendors can unwittingly serve as vectors for cyber threats. Organizations should implement comprehensive vendor risk assessments, evaluating security protocols and practices before granting access to their networks or data. Regular communication and collaboration ensure alignment in security expectations, minimizing the potential vulnerabilities introduced through vendor connections.

12
Q

Supplier risks

A

Suppliers, often referred to as third-party contributors who provide goods or services, are an integral part of the process but can also introduce risks. Therefore, it’s important to scrutinize suppliers’ security practices as part of a comprehensive supply chain risk management strategy.

13
Q

Spear phishing

A

Spear phishing is a more targeted variant of phishing. It involves attacks directed at specific groups, such as the board of directors at a company. These emails are tailored to create a sense of authenticity and urgency, enticing the victim to click on a link embedded in the email, which typically leads to a malicious website or triggers a malware download.

14
Q

Watering hole attacks

A

Watering hole attacks are like cunning predators lurking at watering holes in the wild. Cybercriminals compromise legitimate websites (knowing that users trust these sites) by implanting malicious code.

15
Q

Typosquatting

A

Typosquatting exploits typing errors. Cyber attackers register domains that bear great similarity to legitimate domain names with minor changes such as spelling errors or missing symbols. They hope users will inadvertently recreate these domain names due to a typographical error.

16
Q

Group Policy

A

Microsoft Group Policy is an indispensable tool for organizations that predominantly rely on Windows operating systems. It allows administrators to define and enforce security configurations across a network of Windows devices. With Group Policy, a set of predefined security baselines can be created and applied uniformly to all Windows systems within an organization.

17
Q

Hardening Mobile devices

A

Mobile devices: To enhance mobile device security, organizations must employ security policies such as strong passwords or biometric authentication, enable encryption for device data, and maintain up-to-date patches for mobile operating systems and applications.

18
Q

Hardening Workstations

A

To secure workstations, organizations can employ tactics such as implementing firewalls, deploying antivirus software, and applying security policies that restrict unnecessary user privileges.

19
Q

Hardening Switches

A

To secure a switch, start by replacing the default login credentials with strong passwords to prevent unauthorized access, and enable port security to limit connections to trusted devices. Additional security methods include implementing Virtual LANs (VLANs) to segment the network and reduce the attack surface, using Secure Shell (SSH) for secure remote management, disabling unused ports to prevent unauthorized physical access, applying SNMP security measures to protect management protocols, and using Access Control Lists (ACLs) to control traffic and protect against unauthorized access.

20
Q

Mobile Device Management

A

A Mobile Device Management (MDM) solution provides centralized control and maintenance of mobile devices to ensure strict adherence to the security protocols established by an organization and empowers IT administrators to oversee, configure, and safeguard mobile devices from a remote location.

Among its primary responsibilities, MDM is set up by the IT staff to enforce security guidelines such as encryption, password prerequisites, and application whitelisting.

21
Q

Bluetooth Low Energy

A

Use Bluetooth Low Energy (BLE) that uses random generation for data transfer when possible, and keep devices in non-discoverable mode when not in use to prevent unauthorized connections.

22
Q

Secure cookies

A

Cookies are small packets of data that serve as a fundamental component of web browsing. They can be both friendly and, in some cases, potentially treacherous. Cookies are tiny pieces of information (packets) that websites send to your web browser and are stored on your computer or device. Their primary purpose is to enhance your web browsing experience. These encrypted packets preserve user sessions, preferences, and authentication tokens, fortifying applications against data theft and identity compromise. However, they can also be treacherous, as they can pose privacy risks and introduce security vulnerabilities if not properly managed.

23
Q

Enumeration

A

Enumeration is the process of assigning unique identifiers or serial numbers to assets. Each asset within an organization should have a distinct identifier to make it easier to track, manage, and differentiate assets. This is particularly crucial in large organizations with numerous assets to ensure that none are overlooked, lost, or stolen. The following tools can be used to conduct enumeration: