1 - 2: Understanding Attackers Flashcards

1
Q

Differentiating attackers

A

Internal vs External, sophistication, resource access, motivation, intent

2
Q

Script Kiddies

A

Unskilled attackers who reuse tools and scripts made by more sophisticated attackers

3
Q

Hacktivists

A

Use tools to advance political and social agendas

4
Q

Organized crime

A

Believed to be associated with ransomware, extortion, and other means of financial gain

5
Q

Corporate Espionage

A

Competitors who may target proprietary information

6
Q

Nation States

A

Sponsor sophisticated APTs, typically with military training and advanced tools

7
Q

White Hat

A

Operate and hack with good intent and organizational blessing

8
Q

Black Hat

A

Operate illegally with malicious intent

9
Q

Grey Hat

A

Operate without permission in typically illegal ways, but intend to help

10
Q

Insider threat

A

Risk that current or former employees, contractors, or other insiders may exploit their privileged access

11
Q

Privilege escalation attacks

A

Taking a regular account into a role or account with heightened privileges

12
Q

Preventing insider attacks

A

HR can perform background checks; follow the rule of least privilege; require multiple users for high-risk actions; mandatory vacations

13
Q

Shadow IT

A

Technology brought into the organization without IT clearing it

14
Q

Email (attack vector)

A

Conducting phishing campaigns to get at least one user to activate malware

15
Q

Social media (attack vector)

A

Spread malware or influence employees to gain trust and access

16
Q

Removable media

A

Leaving malware on USB drives or other media, intending for someone to plug them in and use them, or altering trusted cables and media with malicious chips

17
Q

Card skimmers

A

Magnetic card readers modified to read magnetic stripes to clone card data for use elsewhere

18
Q

Cloud services (attack vector)

A

Attackers scan cloud services for flaws, improper access control, or accidentally published credentials and keys

19
Q

Direct access

A

Publicly available networks, endpoints that can be touched

20
Q

Hardware Supply Chain

A

Tampering with devices before customers receive them

21
Q

Wireless networks (attack vector)

A

Unsecured or poorly secured Wi-Fi networks

22
Q

Ethical disclosure

A

1) Notify the vendor responsible, 2) Provide reasonable time for patching, 3) Disclose the vulnerability publicly

23
Q

Patching and vulnerability management

A

Updating systems to mitigate risks and threats

24
Q

Zero day vulnerability

A

A vulnerability that at least one researcher has discovered but the vendor has not yet patched, typically exploited by APTs

25
Q

Window of vulnerability

A

Time between vulnerability discovery and patch issuance

26
Q

Defending from APTs

A

Strong security foundation, strong encryption, rigorous monitoring