1_5_2 Section 1 – Attacks, Threats, and Vulnerabilities - 1.5 – Threat Actors and Vectors - Attack Vectors

Questions and Answers

What is the primary goal of an attacker when identifying attack vectors?

• To close existing vulnerabilities
• To watch for undiscovered attack vectors
• To patch a lot of systems
• To gain access to the target network or system (correct)

What is the significance of an attacker having physical access to hardware?

• They can easily find a way into the operating system (correct)
• They have limited attack vectors available
• They cannot make changes to the administrative password
• They can reboot the system into a particular administrative mode

Why are data centers usually highly secured?

• To prevent unauthorized access to the operating system
• To prevent physical access to the hardware (correct)
• To watch for undiscovered attack vectors
• To patch a lot of systems

What is the outcome if an attacker finds a single vulnerability?

They will have gained access to the target (B)

What is the role of a security professional in regards to attack vectors?

To watch for undiscovered attack vectors and patch existing vulnerabilities (A)

What can be done to an operating system if an attacker has physical access to the hardware?

The operating system can be accessed and changes can be made (B)

What is a common attack vector when administrators have direct access to a server?

Attaching a keylogger to a keyboard (C)

What is a type of attack where an attacker connects a flash drive to a server and copies files?

Direct access attack (A)

What is the potential threat in the supply chain of an organization?

Each step in the supply chain being an attack vector (D)

What is the purpose of an evil twin access point?

To emulate a legitimate access point and fool users (B)

How did the attackers gain access to Target's internal network in the 2013 credit card breach?

Using a third-party vendor that had access to the internal network (A)

What is a vulnerability that was found in many clients that used WPA2?

KRACK (C)

What was the purpose of the Stuxnet worm in 2010?

To disrupt a manufacturing process in Iran (B)

What is a common way for attackers to gather personal information through email?

By sending phishing links (B)

What was the issue with some Cisco switches in 2020?

They were not originating from Cisco (D)

What is a type of attack that involves physically accessing a server to steal data or cause harm?

Direct access attack (B)

What can attackers gather from social media?

A lot of information, including location and personal details (C)

What is a type of malware that is often attached to emails?

Malicious software (D)

How can attackers use social media information to attack multifactor authentication?

By using the information to reset passwords (D)

What is a way to prevent direct access attacks on a server?

Physically securing the server (D)

What is a way to gain access to data that may not normally be accessible?

Finding ways around existing security technologies (D)

What is a security risk of using default credentials on an access point?

It makes it easier for attackers to use (D)

What is a type of attack that can be used to circumvent existing security controls?

USB connection attack (C)

Why is email a successful attack vector for threat actors?

Because many people have an email account (C)

What is a feature of some USB devices that can be used to attack an organization?

They can act as a keyboard (B)

Why is it important to be careful about who you allow access to your data and social media accounts?

To avoid being attacked by someone pretending to be a friend (C)

What is the main concern when putting data in the cloud?

That the data is protected from unauthorized access (D)

How do attackers often gain access to cloud-based applications?

By using all of the above (D)

What is the purpose of a denial-of-service attack?

To disrupt the functionality of a cloud-based service (B)

Why are cloud-based applications more vulnerable to attacks?

Because they are publicly-facing (B)

What can happen if a cloud-based application is misconfigured?

Certain areas of data may be opened up for anyone to access (A)

What can an attacker do to a cloud-based service?

Increase the load on the service (C)

What is the primary goal of an attacker when identifying attack vectors?

To gain access to the target through a single vulnerability (A)

What is the main advantage of an attacker having physical access to the hardware?

They can reboot the system into a particular administrative mode (D)

What is the role of a security professional in regards to attack vectors?

To patch existing vulnerabilities and watch for new attack vectors (A)

What is the outcome if an attacker finds a single vulnerability?

The attacker can gain full access to the target (B)

Why are data centers usually highly secured?

To prevent unauthorized physical access to the hardware (A)

What do attackers spend a lot of time trying to find?

Vulnerabilities in the system (C)

What is a common attack vector that involves attaching a device to a keyboard?

Keylogger (B)

What is the main concern when it comes to wireless access points?

Preventing rogue access points (B)

What is an 'evil twin' access point?

A hacking tool designed to emulate a legitimate access point (B)

What is a type of attack that involves sending malicious emails to gather personal information?

Phishing (C)

What is the purpose of a keylogger?

To capture usernames and passwords (B)

What is a vulnerability that was found in many clients that used WPA2?

KRACK (B)

What is a type of attack that involves physically accessing a server to steal data or cause harm?

Direct access attack (B)

What is a common way for attackers to gain access to data?

All of the above (D)

What is a type of attack that involves sending a fake invoice to convince users to pay a bill?

Social engineering (A)

What is a way to prevent direct access attacks on a server?

Limiting physical access to the server (B)

What is a key consideration when using cloud-based applications?

The security of the application's configuration (A)

What is a common method used by attackers to gain access to cloud-based applications?

Using phishing techniques to obtain user credentials (D)

What is a potential consequence of a misconfigured cloud-based application?

Exposure of sensitive data to unauthorized users (C)

What is a type of attack that can be used to exhaust the resources of a cloud-based service?

Denial-of-Service (DoS) attack (A)

Why is it important to plan for denial-of-service attacks when using cloud-based applications?

To ensure availability of the application to users (C)

What is a key benefit of securing cloud-based applications?

Protecting sensitive data from unauthorized access (A)

What is the potential entry point for attackers in the supply chain of an organization?

Each step along the way in the supply chain (B)

What is an example of using the supply chain to disrupt a manufacturing process?

The Stuxnet worm in 2010 (A)

What is a common way for attackers to gather information from social media?

By watching someone's timeline (B)

What is a potential consequence of an attacker gaining access to a network through a supply chain attack?

They can access all the devices on the network (D)

What is a feature of some USB devices that can be used to attack an organization?

Their ability to act as a keyboard (D)

What is a type of attack that involves using a fake device to gain access to a system?

USB drive attack (B)

What is a potential risk of using social media?

An attacker can gather information about you (C)

What is a way to circumvent existing security controls?

By finding ways around security technologies (D)

What is a potential consequence of an attacker gaining access to a system through a USB drive?

They can access and communicate with the system (C)

What is the main concern when it comes to the supply chain of an organization?

The security of the supply chain (D)