Threat Vectors and Attack Surfaces

Question 1

What is a Threat Vector?

Answer 1

Means or pathways that an attacker can gain unauthorized access to a computer or network to deliver a malicious payload or carry out an unwanted action

Examples include phishing emails, malware, and unsecured networks.

Question 2

What is an Attack Surface?

Answer 2

Encompasses all the various points where an unauthorized user can try to enter data to or extract data from an environment

Question 3

What are the different types of threat vectors?

Answer 3

Messages, Images, Files, Voice calls, Removable devices, Unsecured networks

Question 4

What threats can messages do?

Answer 4

these threats are delivered via email, SMS text messaging, or other forms of instant messaging

Question 5

What threat can images do?

Answer 5

it involves the embedding of malicious code inside of an image file by the threat actor

Question 6

What threat can files do?

Answer 6

The files, often disguised as legitimate documents or software, can be transferred as email attachments, through file-sharing services, or hosted on a malicious website

Question 7

What threat can voice calls do?

Answer 7

It’s used to trick victims into revealing their sensitive information to an attacker

Question 8

What threat can removable devices do?

Answer 8

Threats delivered via removable devices such as USB

Question 9

What techniques can an attacker use to exploit Bluetooth?

Answer 9

BlueBorne and BlueSmack

Question 10

What is BlueBorne?

Answer 10

Set of vulnerabilities in Bluetooth that allow an attacker to take over devices, spread malware, or even establish an on-path attack to intercept communications without any user interaction

Question 11

What is BlueSmack?

Answer 11

Type of Denial of Service attack that targets Bluetooth-enabled devices by sending a specially crafted Logical Link Control and Adaptation Protocol packet to a target device