1/16
Looks like no tags are added yet.
Name | Mastery | Learn | Test | Matching | Spaced | Call with Kai | Chat |
|---|
No analytics yet
Send a link to your students to track their progress
An attack surface is the sum of all the potential points (vulnerabilities) through which an attacker can interact with or compromise a system or network, indicating the overall exposure to potential threats. Examples of attack surfaces can be all software, hardware, and network interfaces with known security flaws. A threat vector represents the method or means through which a cyber threat is introduced or delivered to a target system. It outlines the pathway or avenue used by attackers to exploit vulnerabilities. Common threat vector types include phishing emails, malware, drive-by downloads, and social engineering techniques.
True
False
True
Which of the answers listed below refers to an email-based threat vector?
A) Spoofing
B) Phishing
C) BEC attacks
D) Malicious links
E) Malware attachments
F) All of the above
F) All of the above
Which of the following terms refers to a threat vector commonly associated with SMS-based communication?
A) Phishing
B) Vishing
C) Smishing
D) Pharming
C) Smishing
Which of the answers listed below refers to an example of a potential threat vector in IM-based communication?
A) Phishing attack
B) Malware distribution
C) Spoofing attack
D) Eavesdropping
E) Account hijacking
F) Malicious link/attachment
G) All of the above
G) All of the above
Which of the following answers refer to examples of image-based threat vectors? (Select 3 answers)
A) Steganography
B) BEC attacks
C) Image spoofing (deepfakes)
D) Brand impersonation
E) Malware-embedded images
A) Steganography
C) Image spoofing (deepfakes)
E) Malware-embedded images
Which of the answers listed below refers to a file-based threat vector?
A) PDF exploits
B) Malicious macros in documents
C) Compressed files (ZIP, RAR)
D) Malicious scripts in web pages
E) Infected images
F) Malicious executables
G) All of the above
G) All of the above
Which of the following answer choices is an example of a threat vector type that is typical for voice communication?
A) Smishing
B) Pharming
C) Vishing
D) Phishing
C) Vishing
Examples of threat vectors directly related to the use of removable devices include: (Select 2 answers)
A) Pretexting
B) Malware delivery
C) Watering hole attacks
D) Data exfiltration
E) Social engineering attacks
B) Malware delivery
D) Data exfiltration
Which of the answers listed below refer(s) to client-based software threat vector(s)? (Select all that apply)
A) Drive-by download via web browser
B) Malicious macro
C) Vulnerability in a network protocol or device
D) USB-based attack
E) Infected executable file
F) Malicious attachment in email application
A) Drive-by download via web browser
B) Malicious macro
D) USB-based attack
E) Infected executable file
F) Malicious attachment in email application
Which of the following answers refer to agentless software threat vectors? (Select 2 answers)
A) Phishing email
B) Malicious USB drive
C) Network protocol vulnerability
D) Infected macro
E) Packet sniffing
C) Network protocol vulnerability
E) Packet sniffing
Explanation:
Agentless threat vectors are attacks that do not require malicious software (an agent) to be installed on the target system. Instead, they exploit vulnerabilities or gather information remotely through network-based methods.
C) Network protocol vulnerability → ✔️ Agentless.Exploits weaknesses in protocols (like SMB, FTP, or HTTP) without installing any code on the target.
E) Packet sniffing → ✔️ Agentless.Involves intercepting and analyzing network traffic; no agent or malware is installed on the victim’s system.
Incorrect options:
A) Phishing email → Involves user interaction and often delivers malware or malicious links (agent-based).
B) Malicious USB drive → Requires physical access and installs malicious software (agent-based).
D) Infected macro → Runs malicious code inside documents (agent-based).
✅ Final Answer: C and E
Exploiting known vulnerability is a common threat vector for:
A) Legacy systems/apps
B) Unsupported systems/apps
C) Newly released systems/apps
D) Systems/apps with zero-day vulnerability
B) Unsupported systems/apps
Explanation:
Unsupported systems or applications no longer receive security patches or updates, meaning known vulnerabilities remain unpatched — making them prime targets for attackers.
Legacy systems often fall into this category too, since they tend to be outdated and unsupported, so they’re also at risk.
Newly released systems/apps (C) might have unknown or zero-day vulnerabilities, but not known ones.
Zero-day vulnerabilities (D) are unknown to the vendor, so they can’t be exploited as “known” vulnerabilities.
Which of the wireless technologies listed below are considered potential threat vectors and should be avoided due to their known vulnerabilities? (Select all that apply)
A) WPS
B) WAP
C) WPA
D) WAF
E) WPA2
F) WEP
A) WPS
C) WPA
E) WPA2
F) WEP
Explanation:
A) WPS (Wi-Fi Protected Setup)
Why insecure: WPS uses an 8-digit PIN, but it's actually split into two halves (first 7 digits + checksum). This makes brute-forcing the PIN feasible in hours.
Threat vector: Attackers can crack the PIN, gain the WPA/WPA2 key, and connect to the network.
C) WPA (Wi-Fi Protected Access)
Why insecure: WPA introduced TKIP (Temporal Key Integrity Protocol), which was only a stopgap after WEP failed. TKIP has vulnerabilities that allow packet injection and decryption.
Threat vector: Attackers can exploit TKIP weaknesses and break into WPA networks.
E) WPA2 (Wi-Fi Protected Access II)
Why included: While WPA2 with AES-CCMP is generally strong, it's no longer considered fully secure because of known exploits like the KRACK attack (Key Reinstallation Attack). Also, WPA2 networks may still use TKIP, which is weak.
Threat vector: Attackers can exploit misconfigurations or weaknesses in WPA2 implementations. Today, the secure choice is WPA3.
F) WEP (Wired Equivalent Privacy)
Why insecure: WEP uses weak RC4 encryption with a 24-bit IV (Initialization Vector) that repeats often, making it crackable within minutes using common tools.
Threat vector: Attackers can easily recover WEP keys and access the network.
Which of the following answers refers to a threat vector characteristic only to wired networks?
A) ARP Spoofing
B) VLAN hopping
C) Cable tapping
D) Port sniffing
E) All of the above
E) All of the above
Examples of threat vectors related to Bluetooth communication include: bluesmacking (a type of DoS attack that targets Bluetooth devices by overwhelming them with excessive traffic), bluejacking (the practice of sending unsolicited messages or data to a Bluetooth-enabled device), bluesnarfing (gaining unauthorized access to a Bluetooth device and data theft), and bluebugging (gaining remote control over a Bluetooth device).
True
False
True
Which of the answers listed below refers to the most probable cause of an unauthorized access caused by the exploitation of a specific network entry point?
A) Outdated AV software
B) Browser cookies
C) Open service ports
D) Insufficient logging and monitoring
C) Open service ports
The importance of changing default usernames and passwords can be illustrated by the example of certain network devices (such as routers), which are often shipped with default and well-known admin credentials that can be looked up on the web. Leaving the default credentials unchanged expands the attack surface by providing an easy entry point for unauthorized access.
True
False
True
Which of the following answers refer to common threat vectors that apply to MSPs, vendors, and suppliers in the supply chain? (Select 2 answers)
A) Compliance violations
B) Brand reputation damage
C) Propagation of malware
D) Operational disruptions
E) Social engineering techniques
C) Propagation of malware
E) Social engineering techniques