Threats

2.5 Compare and contrast social engineering attacks, threats, and vulnerabilities

📘CompTIA A+ Core 2 (220-1202)


In IT, a threat is anything that can potentially harm a system, network, or data. Threats can be external (hackers) or internal (employees with bad intentions). Understanding threats is critical for defending networks and systems.

Here are the main threats you need to know:


1. Denial of Service (DoS)

  • What it is: An attack that makes a system, network, or service unavailable to users.
  • How it works: The attacker floods a server with more requests than it can handle.
  • Example in IT: A website’s server gets too many fake requests and crashes, so legitimate users cannot access it.

2. Distributed Denial of Service (DDoS)

  • What it is: Like DoS, but the attack comes from multiple computers at the same time.
  • How it works: Hackers control many devices (a botnet) to overwhelm a system.
  • Example in IT: An online service is flooded by thousands of devices, slowing it down or taking it offline completely.

3. Evil Twin

  • What it is: A fake Wi-Fi network set up by an attacker to steal information.
  • How it works: Users think they are connecting to a legitimate network but are actually connecting to the attacker’s network.
  • Example in IT: Employees connect to a fake office Wi-Fi, and the attacker can intercept their passwords and emails.

4. Zero-day Attack

  • What it is: An attack that targets a software vulnerability before the developer knows about it or has patched it.
  • How it works: Hackers exploit the flaw immediately.
  • Example in IT: A new vulnerability in Windows is used by attackers before Microsoft releases a security update.

5. Spoofing

  • What it is: Pretending to be someone or something else to gain unauthorized access.
  • How it works: The attacker disguises themselves as a trusted system, IP address, or email sender.
  • Example in IT: An attacker sends an email that looks like it’s from IT support, asking for credentials.

6. On-path Attack (formerly called Man-in-the-Middle)

  • What it is: Intercepting communication between two parties to steal or modify data.
  • How it works: The attacker sits in the middle of a network conversation.
  • Example in IT: An attacker intercepts unencrypted traffic between a user and a server to steal login credentials.

7. Brute-force Attack

  • What it is: Trying every possible password combination until the correct one is found.
  • How it works: Automated tools generate passwords repeatedly.
  • Example in IT: A tool tries all possible combinations to gain access to a user account.

8. Dictionary Attack

  • What it is: Similar to brute-force, but it uses a list of common words and likely passwords instead of trying every possible combination.
  • How it works: The attacker tries passwords from a precompiled dictionary of likely words.
  • Example in IT: Trying “password123” or “welcome” repeatedly to hack an account.
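Brute-force and dictionary attacks (items 7 and 8) leave the same footprint on the defender's side: many failed logins from one source in a short time, sometimes followed by a success once the guess lands. The following is an added example, not part of these study notes, showing how that pattern can be detected over a few constructed, simplified auth log lines. The log format, field names, threshold and window are assumptions chosen for the illustration.

```python
# Added example (not from the study notes): flag brute-force / dictionary login
# attempts by counting failed logins per source IP inside a sliding time window.
# The log lines and their syslog-like format are constructed sample data.
from collections import defaultdict, deque
from datetime import datetime, timedelta

SAMPLE_LOG = """\
2024-05-01T09:00:01 sshd auth FAIL user=alice src=203.0.113.7
2024-05-01T09:00:02 sshd auth FAIL user=alice src=203.0.113.7
2024-05-01T09:00:02 sshd auth FAIL user=alice src=203.0.113.7
2024-05-01T09:00:03 sshd auth FAIL user=alice src=203.0.113.7
2024-05-01T09:00:03 sshd auth FAIL user=alice src=203.0.113.7
2024-05-01T09:00:04 sshd auth OK user=alice src=203.0.113.7
2024-05-01T09:05:00 sshd auth FAIL user=bob src=198.51.100.9
2024-05-01T09:20:00 sshd auth FAIL user=bob src=198.51.100.9
2024-05-01T09:40:00 sshd auth OK user=bob src=198.51.100.9
"""


def parse_line(line):
    """Split one constructed log line into (timestamp, result, user, src_ip)."""
    ts, _daemon, _facility, result, user, src = line.split()
    return (datetime.fromisoformat(ts), result,
            user.split("=", 1)[1], src.split("=", 1)[1])


def detect_bruteforce(log_text, threshold=5, window=timedelta(seconds=60)):
    """Return {src_ip: info} for every source that reaches `threshold` failed
    logins within `window`. `info["success_after_burst"]` is set when the same
    source logs in successfully after the burst, which is what a guessed
    password looks like in the logs."""
    recent = defaultdict(deque)   # src_ip -> timestamps of recent failures
    alerts = {}
    for line in log_text.splitlines():
        ts, result, _user, src = parse_line(line)
        q = recent[src]
        # Drop failures that have fallen out of the sliding window.
        while q and ts - q[0] > window:
            q.popleft()
        if result == "FAIL":
            q.append(ts)
            if len(q) >= threshold:
                alerts.setdefault(src, {"first_alert": ts,
                                        "success_after_burst": False})
        elif result == "OK" and src in alerts:
            alerts[src]["success_after_burst"] = True
    return alerts


if __name__ == "__main__":
    for src, info in detect_bruteforce(SAMPLE_LOG).items():
        print(f"{src}: threshold crossed at {info['first_alert']}, "
              f"success after burst: {info['success_after_burst']}")
```

Only the first source trips the rule: five failures in three seconds, then a successful login. The second source fails twice fifteen minutes apart, which is ordinary user behaviour and stays below the threshold. In practice the same logic is what an account lockout policy or a SIEM correlation rule implements.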

9. Insider Threat

  • What it is: A threat coming from within an organization.
  • How it works: Employees or contractors misuse their access, intentionally or accidentally.
  • Example in IT: An employee steals sensitive company data or installs malware.

10. Structured Query Language (SQL) Injection

  • What it is: Attackers exploit weaknesses in how an application builds database queries by inserting malicious SQL code through user input.
  • How it works: They manipulate database queries to gain unauthorized access or delete data.
  • Example in IT: A login form is poorly secured, and the attacker types a SQL command that logs them in without a password.

11. Cross-Site Scripting (XSS)

  • What it is: Attackers inject malicious script into a website so that it runs in other users’ browsers.
  • How it works: The code can steal cookies, session tokens, or redirect users.
  • Example in IT: A comment box on a company website allows malicious scripts that capture visitor login details.
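The comment-box example above, as an added illustration that is not part of these study notes: the unsafe renderer drops the visitor's text straight into the page markup, so a `<script>` tag in a comment reaches the browser as code; the safe renderer encodes it with Python's standard `html.escape`, so the browser shows the text instead. The sample comment and the simple `contains_script_tag` check are constructed for the demonstration; the real control is the encoding, not the pattern match.

```python
# Added example (not from the study notes): rendering user comments without and
# with output encoding, the standard fix for stored cross-site scripting.
import html


def render_comment_unsafe(comment):
    # BAD: the comment text is inserted directly into the HTML.
    return f"<div class='comment'>{comment}</div>"


def render_comment_safe(comment):
    # GOOD: <, >, &, and quotes are encoded, so the text can neither open a
    # tag nor break out of an attribute.
    return f"<div class='comment'>{html.escape(comment, quote=True)}</div>"


def contains_script_tag(markup):
    """Constructed check used only to show the difference between the two
    renderers; escaping (plus a Content-Security-Policy) is the actual defence."""
    return "<script" in markup.lower()


if __name__ == "__main__":
    # Constructed sample comment with a harmless marker script.
    comment = "Great article <script>alert('xss')</script>"
    print(render_comment_unsafe(comment))   # script tag reaches the browser
    print(render_comment_safe(comment))     # &lt;script&gt; shown as plain text
```

Encode at the point where data is written into HTML, not where it is read from the form: the same comment may be rendered into several pages, and the browser only cares what arrived in the markup.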

12. Business Email Compromise (BEC)

  • What it is: Attackers impersonate a company executive or vendor via email to trick employees into transferring money or sharing sensitive data.
  • How it works: Often uses social engineering and spoofed email addresses.
  • Example in IT: An employee receives an email that looks like it’s from the CFO asking for a wire transfer to a fake account.

13. Supply Chain / Pipeline Attack

  • What it is: Compromising a system or software through a third-party vendor.
  • How it works: Hackers insert malicious code in software updates, hardware, or services before it reaches the company.
  • Example in IT: Malware is included in a software update from a trusted vendor, infecting all clients who install it.

Key Exam Tips

  1. Understand the difference between DoS and DDoS: One source vs. multiple sources.
  2. Focus on the attack vector: How the attacker gains access—network, software, email, or insider.
  3. Know the IT-specific examples of each threat—they often appear as multiple-choice questions.
  4. Remember social engineering is human-based, while these threats are mostly technical.