WOLF//SEC
← Dashboard
DOMAIN 2.0 22% of exam

Threats, Vulnerabilities & Mitigations

The offensive knowledge domain — second heaviest on the exam. Five objectives spanning threat actor profiling (nation-state through script kiddie), attack surfaces and vectors (message, network, supply chain, human), vulnerability classes (application, OS, hardware, cloud, crypto, zero-day), malicious activity indicators, and enterprise mitigation techniques.

Objective 2.4 (“Given a scenario, analyze indicators of malicious activity”) is the PBQ target — expect to identify malware types, network attack patterns, application exploits, cryptographic attacks, and behavioral indicators from provided evidence under time pressure. This is one of the broadest objectives on the entire exam.

Understanding how attacks work — buffer overflows, protocol manipulation, MITM interception, credential replay, supply chain compromise — is the foundation for defending against them. Every mitigation technique in 2.5 maps directly to an offensive technique from 2.2–2.4.

OBJECTIVES

2.1 Compare and contrast common threat actors and motivations
compare
2.2 Explain common threat vectors and attack surfaces
explain
2.3 Explain various types of vulnerabilities
explain
2.4 Analyze indicators of malicious activity
PBQ
2.5 Explain the purpose of mitigation techniques used to secure the enterprise
explain

LABS

LAB 2.4-C T1: In-Browser

Application Attack Identifier

Obj 2.4 · intermediate · ~10min READY