Threat Vectors and Attack Surfaces Flashcards
What is a threat vector?
Means or pathway by which an attacker can gain unauthorized access to a computer or network to deliver a malicious payload or carry out an unwanted action
Threat vectors detail the methods of attack.
What does the attack surface encompass?
All the various points where an unauthorized user can try to enter data to or extract data from an environment
Minimizing the attack surface is crucial for enhancing security.
How can the attack surface be minimized?
- Restricting access
- Removing unnecessary software
- Disabling unused protocols
These actions help reduce potential entry points for attackers.
What is the relationship between threat vector and attack surface?
The threat vector is the ‘how’ of an attack, whereas the attack surface is the ‘where’ of the attack
Understanding both concepts is essential for effective cybersecurity.
What are message-based threat vectors?
Threats delivered via email, SMS text messaging, or other forms of instant messaging
Phishing campaigns are a common example of this type of threat vector.
What is phishing?
A campaign where an attacker impersonates a trusted entity to trick victims into revealing sensitive information
This is often executed through email or messaging platforms.
What do image-based threat vectors involve?
Embedding of malicious code inside of an image file by the threat actor
Attackers can disguise malware in seemingly harmless images.
How can files be used as threat vectors?
Files, often disguised as legitimate documents or software, can be transferred as email attachments, through file-sharing services, or hosted on a malicious website
Users should be cautious of unexpected file transfers.
What is vishing?
Use of voice calls to trick victims into revealing their sensitive information to an attacker
This is a form of social engineering attack.
What is baiting in the context of removable devices?
An attacker leaves a malware-infected USB drive in a location where their target might find it
This technique manipulates the victim’s curiosity.
What are unsecure networks?
Wireless, wired, and Bluetooth networks that lack appropriate security measures to protect them
Unsecure networks are vulnerable to interception and unauthorized access.
Why are wired networks still vulnerable to threats?
Physical access to the network infrastructure can lead to various attacks
Security should be maintained regardless of the network type.
What is MAC address cloning?
A technique where an attacker alters the MAC address of their device to impersonate another device
This can facilitate unauthorized access to networks.
What is VLAN hopping?
Exploiting vulnerabilities in network switches to gain access to traffic on different VLANs
This can lead to unauthorized data interception.
What is BlueBorne?
A set of vulnerabilities in Bluetooth technology that can allow an attacker to take over devices, spread malware, or intercept communications without user interaction
This highlights the risks associated with Bluetooth connectivity.
What is BlueSmack?
A type of Denial of Service attack that targets Bluetooth-enabled devices by sending a specially crafted Logical Link Control and Adaptation Protocol packet
This can disrupt connectivity and functionality of Bluetooth devices.