Objectives
Upon completion of this chapter, you will be able to answer the following questions:
- What are the threats, vulnerabilities, and attacks that occur in the various domains?
- What are the different deception methods used by attackers to deceive their victims?
- What are common types of network attacks?
- What are common types of wireless and mobile device attacks?
- What are types of application attacks?
Key Terms
This chapter uses the following key terms. You can find the definitions in the Glossary.
Infrastructure as a Service (IaaS)
Platform as a Service (PaaS)
Software as a Service (SaaS)
threat domain
Introduction (38.0)
It’s Webster again! The college help desk gets support tickets for a variety of reasons. The troubleshooting guide that Lara created will help the technicians with common computer and network problems. But sometimes, those support tickets result from malware on a user’s computer. The web has a lot to offer, but users must be careful because bad actors always want to wreak havoc or profit from you.
Lara did such a great job creating the help desk troubleshooting guide that the college assigned her to work on a cybersecurity awareness campaign. The campaign should educate college users on the threats, vulnerabilities, and common cyberattack attacks used by threat actors. It should also include information about threat actors who use social engineering techniques to trick users, information about common wireless threats, and an explanation of the threats to applications.
Education is the first line of defense. If users know about the bad stuff that can happen, they can help defend the college against them. So, let’s dig deeper and learn more about these threats, vulnerabilities, and cyberattacks.
Common Threats (38.1)
This section examines common internal and external security threats facing organizations.
Threat Domains (38.1.1)
With organizations facing an ever-growing number of cyber threats, it is critical that they have robust security solutions in place. But in order to protect themselves, organizations first need to know what vulnerabilities exist within their threat domains. A threat domain is considered to be an area of control, authority, or protection that attackers can exploit to gain access to a system.
There are many ways that attackers can uncover vulnerabilities and exploit systems within a domain.
Attackers can exploit systems within a domain through:
- Direct, physical access to systems and networks
- Wireless networking that extends beyond an organization’s boundaries
- Bluetooth or near-field communication (NFC) devices
- Malicious email attachments
- Less secure elements within an organization’s supply chain
- An organization’s social media accounts
- Removable media such as flash drives
- Cloud-based applications