1.3 Explain threat actor types and attributes Flashcards

1
Q

An employee, suspected of modifying company invoices, diverted funds from a company account to his or her own private bank account. What kind of malicious actor type does this describe?

A

Insider threat

2
Q

An attacker gained access to a target’s cell phone information by social engineering a cellular provider to send the attacker a SIM card issued for the victim. What type of activity is this attack categorized as?

A

Organized crime

3
Q

Which of the following is NOT a critical profiling factor when assessing the risk that any one type of threat actor poses to an organization?

A

Non-repudiation

4
Q

Which of the following are examples of external malicious threat actor types?

A
  • Competitor threat
  • Organized crime threat

5
Q

An attacker used Open Source Intelligence (OSINT) to gather information about a target’s Internet Protocol (IP) address registration records for the victim’s servers. What type of technique did the attacker use?

A

DNS harvesting

6
Q

An environmental advocacy group uses cyber weapons to put companies at risk and promote their agenda. What type of attack does this demonstrate?

A

Hacktivists

7
Q

A bank manager fired a security engineer. The engineer changed companies, working for another bank, and brought insider knowledge, which broke a Non-disclosure Agreement (NDA) with the previous employer. The security engineer used this knowledge to damage the previous company’s reputation. What classification of threat actor is the engineer?

A

Competitor

8
Q

With no specific target in mind, and without a reasonable goal, an attacker launched an unstructured phishing attack with an attachment of a replicating computer worm. If the attacker did not fully understand how this malware worked, and just wanted to gain attention, what classification of threat actor is this person?

A

A script kiddie

9
Q

Non-repudiation

A

describes a property of a secure network where a sender cannot deny having sent a message

10
Q

assessing the risk

A
  • critical factors when assessing the risk that any one type of threat actor poses to an organization. For example, the intent could be to vandalize and disrupt a system or to steal something
  • critical factors when assessing the risk that any one type of threat actor poses to an organization. For example, an attacker could be motivated by greed, curiosity, or some sort of grievance, for instance
  • Threats can be characterized as structured or unstructured (or targeted versus opportunistic) depending on the degree to which an organization is targeted specifically.
11
Q

DNS harvesting

A

uses Open Source Intelligence (OSINT) to gather information about a domain (subdomains, hosting provider, administrative contacts, and so on)

12
Q

Topology discovery (footprinting)

A

part of the discovery phase where the attacker or pen tester starts to identify the structure of the target network

13
Q

host discovery

A

When performing host discovery on an internetwork (a network of routed IP subnets), the attacker will want to discover how the subnets are connected by routers (and whether any misconfigured gateways between subnets exist)

14
Q

ping command

A

The ping command can be used to detect the presence of a host at a particular IP address, or one that responds to a particular host name. Users can apply a simple script to perform a ping sweep

15
Q

Advanced Persistent Threat (APT)

A

coined to understand the behavior underpinning modern types of cyber adversaries. An APT refers to the ongoing ability of an adversary to compromise network security (to obtain and maintain access) using a variety of tools and techniques

16
Q

A targeted attack has a budget that can allocate resources and manpower to achieve its goals. What attribute does this type of attack contain?

A

Sophistication