Objective 2.2 Flashcards
Explain common threat vectors and attack surfaces.
These below are types of?
- Message-based
- Image-based
- File-based
- Voice calls
- Removable devices
- Use of Unsecured Networks
Threat Vectors and Attack Surface
The means or pathway by which an attacker can gain unauthorized access to a computer or network to deliver a malicious payload or carry out an unwanted action
Threat Vector
Encompass all the various points where an unauthorized user can try to enter data to or extract data from an environment
Attack Surface
The “how” of the attack
Threat Vector
The “where” of the attack
Attack Surface
Minimize attack surface
Restricting access
Removing unnecessary software
Disabling unused protocols
Increase security posture
Include threats delivered via email, SMS, or other forms of instant messaging.
Message-based threat vector
threat vectors that involve the embedding of malicious code inside of an image file by the threat actor
Image-based threat vector
involve the use of malicious files to deliver a cyber threat.
File-based threat vector
involve the use of calls to trick victims into revealing their sensitive information
Voice call-based threat actor
refer to threats delivered via removable devices such as USB
Removable Device threat vector
refer to the lack of appropriate security measures to protect networks
Unsecure Networks trheat vector
Set of vulnerabilities in Bluetooth technology that can allow an attacker to take over devices spread malware
BlueBorne
Type of DoS attack that targets Bluetooth-enabled devices by sending a specially crafted Logical Link Control and Adaptation Protocol packet to a target device
BlueSmack