Threats, Vulnerabilities, Mitigation 1 Flashcards

1
Q

How can you attribute threat actors?

A
  • Internal/external
  • Resources/funding
  • Level of sophistication/capability
2
Q

What are Message Based vectors?

A
  • Message systems are one of the biggest threat vectors
  • Email, SMS
  • Often Phishing and Social Engineering attacks used
3
Q

What are Image based vectors?

A
  • Easier to disguise than text based
  • Image formats: SVG, XML
  • HTML Injection, JavaScript attack code
4
Q

What are File-based vectors?

A

For Example:

Adobe PDF
* File format can contain many other objects

ZIP/RAW Files
* Contains many different files

Microsoft Office
* Documents with macros
* Add-in files

5
Q

What are Voice-Call vectors?

A
  • Vishing
  • Spam over IP (Large scale phone calls)
  • Call tampering (Disrupting voice calls)
6
Q

What are Removable device vectors?

A
  • Get around firewall via USB interface
  • Malicious software on USB flash drive
  • USB device acting as keyboard
  • Data exfiltration
7
Q

What are Vulnerable Software vectors?

A

Client Based
* Infected executables
* Known (or unknown) vulnerabilities

Agentless
* No installed executables
* Compromised software on server could affect others
* Client runs new instance each time

8
Q

What are Unsupported System vectors?

A
  • Patching is crucial, since unsupported systems are not patched
  • Outdated operating systems
  • A single system could be the entry point
9
Q

What are Unsecure network Vectors?

A
  • Outdated security protocols (WEP, WPA, WPA2)
  • Better to use the 802.1X protocol
  • Via Bluetooth
10
Q

What are Open service port vectors?

A

Most network-based services connect over TCP or UDP ports
* “Open” port

Every open port is an opportunity for an attacker
* Application vulnerability or misconfiguration

Every service needs a port
* More services, more attack surface

Firewall Rules
* Must allow traffic to an open port

11
Q

What are default credential vectors?

A
  • Many devices have default usernames and passwords
  • Right credentials provide full control
  • Administrator access
12
Q

What are Supply chain vectors?

A
  • Tamper with underlying infrastructure or manufacturing process
  • Suppliers, third parties
13
Q

What are Human/social Engineering?

A
  • Phishing
  • Impersonating
  • Watering Hole
  • Misinformation
  • Brand Impersonation