Operational Threat Vectors Flashcards
EOS
End of support: no patches.
Data exploration
Unauthorized removal of digital data
Attack surface
The sum of all threat vectors (malicious emails, phishing, weak/stolen passwords, web apps, out-of-date apps, old devices).
Shadow IT
Use of on-premises or cloud-based resources that bypass the IT department. Impact: violation of security policies (authentication, encryption, backup). Cause: a lot of SaaS, laziness about going through the policies. Response: education, audit.
Open service ports
Threat vector. Open service ports are those in listening mode, meaning they are connected with a system, application or utility. Impact of this vector: exposure, DDoS, unauthorized access.
It is caused by poor configuration management.
Weak permission
Threat vector. Allows unnecessary access (device, OS, cloud). Impact: unauthorized access, violations.
Caused by lack of understanding, poor classification.
Response: permission policies for data/apps, management education, standardization.
Threat vector
Attack vector. A potential pathway or scenario that can be exploited. Common threat vectors include malicious emails in phishing attacks, weak or stolen passwords, drive-by download attacks, web apps, out-of-date apps or devices, and trusted relationships.
Default credentials
Threat vector. A password initially set up by the vendor, easy to break. The impact can be unauthorized access and compromise. It can be a starting point to pivot access to other devices. Default passwords for a specific product can be found on the internet.
Unsupported system/software
Threat vector. There is no option to find updates. It is part of end of life for a system or software. It can be caused by lack of centralized control, local workstations, no refers policy, poor budget. End of life means the product is obsolete, with no development support.