Exam Objectives 2.2
Explain common threat vectors and attack surfaces.
- Message-based:
- Email: Phishing, malicious attachments
- Short Message Service (SMS): Text-based scams, malicious links, and smishing
- Instant messaging (IM): Chat-based phishing, malware distribution, and social engineering
- Image-based: Malware hidden in images, steganography
- File-based: Malicious files, trojans, ransomware distribution
- Voice call: Vishing, social engineering via voice
- Removable device: Malware on USBs, data theft
- Vulnerable software: Exploiting software vulnerabilities for attacks
- Client-based versus agentless: Attack methods based on client software
- Unsupported systems and applications: Attacks targeting outdated software, OS
- Unsecure networks: Exploiting weak Wi-Fi, wired connections
- Wireless: Hacking via Wi-Fi networks, Bluetooth
- Wired: Attacks on physically connected systems
- Bluetooth: Exploiting device connections, data interception
- Open service ports: Exploiting...