Threat Vectors and Attack Surfaces Flashcards

Mock Exam Revision

1
Q

The 2 most common threat vector types that apply to MSPs, vendors, and suppliers in the supply chain?

A

MSPs (Managed Service Providers)

Are prime targets for brand impersonation attacks due to their access to multiple clients’ IT systems, sensitive data, and administrative privileges. Cybercriminals exploit MSPs’ trusted reputations to launch supply chain attacks, phishing campaigns, and ransomware infections.

  1. Propagation of malware
  2. Social engineering techniques
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Which of the wireless technologies listed below are considered potential threat vectors and should be avoided due to their known vulnerabilities? (Select all that apply)

WPS, WAP, WPA, WAF, WPA2 and WEP

A

WPS, WPA, WPA2 and WEP

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Agent-less software threat vectors

A
  1. Network protocol vulnerability
  2. Packet sniffing
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Client-based software threat vector(s)

A
  1. Drive-by download via web browser.
  2. Malicious macro.
  3. USB-based attack.
  4. Infected executable file.
  5. Malicious attachment in email application.
How well did you know this?
1
Not at all
2
3
4
5
Perfectly