Exam 200-201 topic 1 question 29 discussion

ANS: C Attack Vector refers to specific path uses to gain unauthorized access to a system or network, while An attack surface recognizes which network parts are vulnerable to an attack.

C. An attack surface recognizes which network parts are vulnerable to an attack; and an attack vector identifies which attacks are possible with these vulnerabilities.

Option C is partially correct, as it correctly defines an attack surface as recognizing which network parts are vulnerable to an attack. However, it does not accurately define an attack vector. An attack vector is not just about identifying which attacks are possible with the vulnerabilities, but it also identifies the specific method or path used to exploit the vulnerability. Option B is the best answer, as it correctly defines an attack vector as identifying the components that can be exploited and an attack surface as identifying the potential path an attack can take to penetrate the network.

An attack surface represents the overall set of vulnerabilities that an attacker could potentially exploit to launch an attack. This can include hardware, software, network protocols, configurations, and user accounts. By identifying and assessing the attack surface, defenders can understand the overall security posture of their system or network and take steps to reduce its exposure to potential attacks. An attack vector, on the other hand, refers to the specific method or path that an attacker uses to exploit a particular vulnerability within the attack surface. An attacker may use multiple attack vectors to reach their goal, such as social engineering, malware, or exploiting a specific software flaw.

Attack Vector, Attack Surface and Threat Vector Vector - It is a quantity having direction as well as magnitude Attack Vector - is a “method” of gaining unauthorized access to a network or computer system. It takes many forms such as malware, ransomware, compromised credentials, phishing, web pages, pop-ups etc; basically any method that intends to compromise a system. Attack Surface - is the total number of attack vectors an attacker can use to manipulate or compromise a network or system. Can also be defined as the total number of possible methods to attack a network or system. Threat Vector - can be used interchangeably with attack vector and generally describes the potential ways a hacker can gain access to data or other confidential information. https://www.upguard.com/blog/attack-vector#:~:text=minimize%20cybersecurity%20risk.-,What%20is%20the%20Difference%20Between%20an%20Attack%20Vector%2C%20Attack%20Surface,computer%20system%20or%20extract%20data.

The 17 most common attack vectors are: Compromised Credentials Weak Credentials Uneducated Employees Insider Threats Poor Encryption Unpatched Software Security Vulnerabilities Third-party Vendors Phishing Attacks Ransomware Brute Force Attacks Distributed Denial of Service (DDoS) Attacks SQL Injections Trojans Session Hijacking Cross-Site Scripting (XSS) Man-in-the-Middle Attacks

C is better answer but B is also correct right?

correct

Correct Answer: C The attack surface of a software environment is the sum of the different points (for "attack vectors") where an unauthorized user (the "attacker") can try to enter data to or extract data from an environment.[1][2] Keeping the attack surface as small as possible is a basic security measure.[3] https://en.wikipedia.org/wiki/Attack_surface In computer security, an attack vector is a specific path, method, or scenario that can be exploited to break into an IT system, thus compromising its security. The term was derived from the corresponding notion of vector in biology. An attack vector may be exploited manually, automatically, or through a combination of manual and automatic activity. https://en.wikipedia.org/wiki/Attack_vector