From Open Risk Manual
Attack Vector in the context of IT Risk denotes the fully specified sequence of operations that may enable unauthorized access and use of digital systems.
The set of all attack vectors in denoted the Attack Surface.
- Web Applications (HTTP)
- Other Network protocols
- Database Servers