Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

CyberSec 8801 > Week 2 > Flashcards

Week 2 Flashcards

1
Q

What is a threat vector?

A

A pathway or method used by a hacker to illegally access a network or computer in an attempt to exploit system vulnerabilities.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

What is an attack surface?

A

Number of all possible points, or attack vectors, where an unauthorized user can access a system and extract data.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q
  • Compromised Credentials
  • Malware
  • Phishing

Above are common attack vectors, list 4 more

A
  • Insider Threats
  • Missing or Weak Encryption
  • Unpatched Applications or Servers
  • Distributed Denial of Service (DDoS)
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

How do organizations minimize the attack surface?

A

By identifying and blocking potential threats and updating default credentials.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

True or False: Users are considered the weakest link in cybersecurity.

A

True

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

What are the two categories of threat vectors?

A
  • Programming
  • Social Engineering
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Fill in the blank: A hacker gains access to a system through an attack vector by identifying potential _______.

A

[target]

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is the significance of monitoring the attack surface?

A

It helps organizations identify and block potential threats.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q
  • Viruses/Trojans
  • Malware/Ransomware
  • Unpatched vulnerabilities

These fall under what category of threat vector?

A

Programming

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q
  • Weak passwords
  • Phishing
  • Messaging Apps

These fall under what category of threat vector?

A

Social Engineering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q
  • Spoofing
  • Credential Reuse
  • Disgruntled Employee

These fall under what category of threat vector?

A

Social Engineering

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q
  • Brute forcing
  • Dos/DDoS
  • Misconfigurations

These fall under what category of threat vector?

A

Programming

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Fill in the blank: The analysis of more than 145,000 internet-exposed Industrial Control Systems was conducted by _______.

A

[Censys]

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

What should users do in response to high-severity flaws in devices like Bosch Thermostats?

A

Limit the network reachability of the device and review accounts that have login access.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What percentage of internet-exposed ICS devices are located in North America?

A

38%

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What are the two modes in which a threat vector can operate?

A
  • Passive Mode
  • Active Mode
16
Q

What is the main challenge of minimizing the attack surface?

A

It becomes difficult as companies expand their digital footprint and embrace new technologies.

17
Q

What is the expected timeline for patches for vulnerabilities in Bosch devices?

A

By the end of January 2024.

18
Q

What is the role of email filtering tools?

A

They can block a lot of malicious messages.

19
Q

True or False: The adoption of self-driving vehicles has decreased the attack surface.

20
Q

What is a common passive mode activity for hackers?

A

Information gathering without affecting the system.

CyberSec 8801 (15 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions