1_5_2 Section 1 – Attacks, Threats, and Vulnerabilities - 1.5 – Threat Actors and Vectors - Attack Vectors

Questions and Answers

What is the primary goal of an attacker when identifying attack vectors?

To close existing vulnerabilities

To watch for undiscovered attack vectors

To patch a lot of systems

To gain access to the target network or system (correct)

What is the significance of an attacker having physical access to hardware?

They can easily find a way into the operating system (correct)

They have limited attack vectors available

They cannot make changes to the administrative password

They can reboot the system into a particular administrative mode

Why are data centers usually highly secured?

To prevent unauthorized access to the operating system

To prevent physical access to the hardware (correct)

To watch for undiscovered attack vectors

To patch a lot of systems

What is the outcome if an attacker finds a single vulnerability?

They will have gained access to the target

What is the role of a security professional in regards to attack vectors?

To watch for undiscovered attack vectors and patch existing vulnerabilities

What can be done to an operating system if an attacker has physical access to the hardware?

The operating system can be accessed and changes can be made

What is a common attack vector when administrators have direct access to a server?

Attaching a keylogger to a keyboard

What is a type of attack where an attacker connects a flash drive to a server and copies files?

Direct access attack

What is the potential threat in the supply chain of an organization?

Each step in the supply chain being an attack vector

What is the purpose of an evil twin access point?

To emulate a legitimate access point and fool users

How did the attackers gain access to Target's internal network in the 2013 credit card breach?

Using a third-party vendor that had access to the internal network

What is a vulnerability that was found in many clients that used WPA2?

KRACK

What was the purpose of the Stuxnet worm in 2010?

To disrupt a manufacturing process in Iran

What is a common way for attackers to gather personal information through email?

By sending phishing links

What was the issue with some Cisco switches in 2020?

They were not originating from Cisco

What is a type of attack that involves physically accessing a server to steal data or cause harm?

Direct access attack

What can attackers gather from social media?

A lot of information, including location and personal details

What is a type of malware that is often attached to emails?

Malicious software

How can attackers use social media information to attack multifactor authentication?

By using the information to reset passwords

What is a way to prevent direct access attacks on a server?

Physically securing the server

What is a way to gain access to data that may not normally be accessible?

Finding ways around existing security technologies

What is a security risk of using default credentials on an access point?

It makes it easier for attackers to use

What is a type of attack that can be used to circumvent existing security controls?

USB connection attack

Why is email a successful attack vector for threat actors?

Because many people have an email account

What is a feature of some USB devices that can be used to attack an organization?

They can act as a keyboard

Why is it important to be careful about who you allow access to your data and social media accounts?

To avoid being attacked by someone pretending to be a friend

What is the main concern when putting data in the cloud?

That the data is protected from unauthorized access

How do attackers often gain access to cloud-based applications?

By using all of the above

What is the purpose of a denial-of-service attack?

To disrupt the functionality of a cloud-based service

Why are cloud-based applications more vulnerable to attacks?

Because they are publicly-facing

What can happen if a cloud-based application is misconfigured?

Certain areas of data may be opened up for anyone to access

What can an attacker do to a cloud-based service?

Increase the load on the service

What is the primary goal of an attacker when identifying attack vectors?

To gain access to the target through a single vulnerability

What is the main advantage of an attacker having physical access to the hardware?

They can reboot the system into a particular administrative mode

What is the role of a security professional in regards to attack vectors?

To patch existing vulnerabilities and watch for new attack vectors

What is the outcome if an attacker finds a single vulnerability?

The attacker can gain full access to the target

Why are data centers usually highly secured?

To prevent unauthorized physical access to the hardware

What do attackers spend a lot of time trying to find?

Vulnerabilities in the system

What is a common attack vector that involves attaching a device to a keyboard?

Keylogger

What is the main concern when it comes to wireless access points?

Preventing rogue access points

What is an 'evil twin' access point?

A hacking tool designed to emulate a legitimate access point

What is a type of attack that involves sending malicious emails to gather personal information?

Phishing

What is the purpose of a keylogger?

To capture usernames and passwords

What is a vulnerability that was found in many clients that used WPA2?

KRACK

What is a type of attack that involves physically accessing a server to steal data or cause harm?

Direct access attack

What is a common way for attackers to gain access to data?

All of the above

What is a type of attack that involves sending a fake invoice to convince users to pay a bill?

Social engineering

What is a way to prevent direct access attacks on a server?

Limiting physical access to the server

What is a key consideration when using cloud-based applications?

The security of the application's configuration

What is a common method used by attackers to gain access to cloud-based applications?

Using phishing techniques to obtain user credentials

What is a potential consequence of a misconfigured cloud-based application?

Exposure of sensitive data to unauthorized users

What is a type of attack that can be used to exhaust the resources of a cloud-based service?

Denial-of-Service (DoS) attack

Why is it important to plan for denial-of-service attacks when using cloud-based applications?

To ensure availability of the application to users

What is a key benefit of securing cloud-based applications?

Protecting sensitive data from unauthorized access

What is the potential entry point for attackers in the supply chain of an organization?

Each step along the way in the supply chain

What is an example of using the supply chain to disrupt a manufacturing process?

The Stuxnet worm in 2010

What is a common way for attackers to gather information from social media?

By watching someone's timeline

What is a potential consequence of an attacker gaining access to a network through a supply chain attack?

They can access all the devices on the network

What is a feature of some USB devices that can be used to attack an organization?

Their ability to act as a keyboard

What is a type of attack that involves using a fake device to gain access to a system?

USB drive attack

What is a potential risk of using social media?

An attacker can gather information about you

What is a way to circumvent existing security controls?

By finding ways around security technologies

What is a potential consequence of an attacker gaining access to a system through a USB drive?

They can access and communicate with the system

What is the main concern when it comes to the supply chain of an organization?

The security of the supply chain