Threat Vectors and Attack Surfaces Flashcards

1
Q

Threat Vector

A

Means or pathway by which an attacker can gain unauthorized access to a computer or network to deliver a malicious payload or carry out an unwanted action

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Attack Surface

A

Encompasses all the various points where an unauthorized user can try to enter data to or extract data from an environment

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Methods of minimizing attack surfaces include:

A

Restricted Access, removing unnecessary software, and disabling unused protocols

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Messages

A

Message-based threat vectors include threats delievered via email, simple message service (SMS text messaging), or other forms of instant messaging

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Images

A

Image-based threat vectors involving the embedding of malicious code inside of an image file by the threat actor

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Files

A

The files, often disguised as legitimate documents or software, can be transferred as email attachments, through file-sharing services, or hosted on a malicious website

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Voice calls

A

Vhishing - Use of voice calls to trick victims into revealing their sensitive information to an attacker

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Removable devices

A

Baiting - attackers might leave a malware-infected USB drive in a location where their target might find it, such as in the parking lot or the lobby of the targeted organization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Unsecure Networks

A

Include wireless, wired, and bluetooth networks that lack appropriate security measures, if not properly secured, unauthorized individuals can intercept wireless communications or gain access to the network. Wired networks are more secure typically, but not immune to threats.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Physical access to network infrastructure can lead to attacks like

A

MAC Address Cloning and VLAN Hopping

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Bluetooth attacks include examples

A

like BlueBorne, or BlueSmack exploits

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

BlueBorne

A

Set of vulnerabilities in Bluetooth technology that can allow an attacker to take over devices, spread malware, or even establish an on-path attack to intercept communications without any user interaction

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

BlueSmack

A

Type of Denial-of-Service attack that targets Bluetooth-enabled devices by sending a specially crafted Logical Link Control and Adaptation Protocol packet to a target device

How well did you know this?
1
Not at all
2
3
4
5
Perfectly