Types of Attack involving CISSP

A random number of attacks which involves the 8 Fundamental Domains of CISSP

1.)Password Attack:

Brute force attack(Cracking by submitting many passphrase)

Rainbow Attack ( Caching Outputs of Cryptographic hash function)

..“Assets Security” plays important role in this scenario.

2.)Social Engineering Attacks:

Phishing(revealing of information by Fake Email or Websites or by using Ransomware)

Smishing(txt form of Phishing)

Vishing(voice technology)

Spear Phishing(fixed target that attacks want to reveal its PII)

Whaling(Faking being a Social media player)

Social Media Phishing

Business Email Compromise(Organization target)

Watering hole attack(infecting websites)

USB baiting(inserting malicious code by USB stick)

“Security and risk Management ” plays important role in this attack type.

3.)Physical Attacks:

Malicious USB, flash drive attacks

Card cloning(sending info from one to other device or source)

Skimming attack(obtaining PII and used them on Internet)

..“Assets Security” plays important role in this scenario.

4.)Adversial A.I.:

manipulates AI to do attack more efficiently.

“Network and Communication security” and “Identity and Access Security”.

“Identity and Access Security”

5.)Supply Chain Attack:

.) Security Operations ,Security Architecture and Engineering and security and risk management domains plays important role in it.

6.)Cryptographic Attacks:

Birthday Attack(Cracking through matches i.e., same in hash function)

Collision(two inputs producing same hash)

Downgrade( switch to a low quality less secure attack)

“Network and Communication security”