1.5 Flashcards

Explain different threat actors, vectors, and intelligence sources.

1
Q

Also known as threat _____________ or adversaries, are individuals, groups, organizations, or entities that pose a threat to the security of computer systems, networks, or data.

A

Actors

2
Q

___________ refer to potential dangers or risks to the confidentiality, integrity, and availability of information systems and data.

A

Threats

3
Q

An _____________ is a sophisticated and targeted cyber attack carried out by highly skilled and well-resourced adversaries, typically with specific objectives such as espionage, data theft, or sabotage. ________________ are carefully planned, stealthy, and persistent.

A

Advanced persistent threat (APT)

4
Q

Refers to potential risks posed to an organization’s cybersecurity by individuals who have authorized access.

A

Insider threats

5
Q

Refers to government entities or agencies that engage in cyber activities for various purposes, including espionage, sabotage, influence operations, and national security objectives.

A

State actors

6
Q

Are individuals or groups who engage in hacking activities as a means of promoting social or political causes.

A

Hacktivists

7
Q

Are individuals with limited technical expertise who use pre-existing hacking tools and scripts to launch cyber attacks or engage in malicious activities without a deep understanding of how these tools work.

A

Script kiddies

8
Q

Are sophisticated groups of individuals or networks that engage in criminal activities in cyberspace for financial gain or other malicious purposes.

A

Criminal syndicates

9
Q

Individuals or groups with advanced technical skills and knowledge of computer systems, networks, and software.

A

Hackers

10
Q

Also known as ethical hackers or penetration testers, are individuals or security professionals who are authorized by organizations to deliberately attempt to bypass security controls.

A

Authorized hackers

11
Q

Also known as malicious hackers or attackers, are individuals or groups who gain unauthorized access to computer systems, networks, or data.

A

Unauthorized hackers

12
Q

Hackers that work in both the legally sanctioned world of security and the illegal realm of criminal activity.

A

Semi-authorized hackers

13
Q

Refers to IT systems, software, applications, or services that are used within an organization without explicit approval, oversight, or control from the IT department.

A

Shadow IT

14
Q

Other organizations within the same industry or market sector that may pose a threat or risk to an organization’s cybersecurity posture.

A

Competitors

15
Q

Individuals within an organization who have authorized access to its systems, networks, or data.

A

Internal actors

16
Q

Individuals, groups, or organizations that operate outside of an organization’s boundaries and seek to compromise its systems, networks, or data.

A

External actors

17
Q

Refers to a method or pathway through which an attacker gains direct access to a system.

A

Direct access vector

18
Q

Refers to various methods an attacker can use to gain access to a system.

19
Q

Refers to a method or pathway through which a cyber threat is delivered to a target via wireless communication channels.

A

Wireless vector

20
Q

Refers to a method or pathway through which a cyber threat is delivered to a target via email.

A

Email vector

21
Q

Refers to a method or pathway through which a cyber threat is delivered to a target via its supply chain partners or vendors.

A

Supply chain vector

22
Q

Refers to a method or pathway through which a cyber threat is delivered to a target via removable media.

A

Removable media vector

23
Q

Refers to a method or pathway through which a cyber threat is delivered to a target via social media.

A

Social media vector

24
Q

Refers to a method or pathway through which a cyber threat is delivered to a target via cloud connectivity.

A

Cloud vector

25
Q

Refers to the collection, analysis, and use of publicly available information from open sources to gather intelligence.

A

Open-source intelligence (OSINT)

26
Q

Are collections of information about known vulnerabilities. These databases serve as centralized resources.

A

Vulnerability databases

27
Q

Are threat intelligence databases that are offered by security firms as a premium. Cannot be accessed unless bought.

A

Closed/proprietary

28
Q

Also known as Information Sharing and Analysis Centers (ISACs) or Information Sharing and Analysis Organizations (ISAOs), are collaborative platforms or organizations established to facilitate the exchange of cybersecurity threat intelligence.

A

Public/private information-sharing centers

29
Q

Is a subset of the worldwide content on the Internet that has its access restricted via specific obfuscation methods.

A

Dark web

30
Q

Are artifacts or evidence observed in a network, system, or environment that may indicate a security compromise by malicious actors.

A

Indicators of Compromise (IoCs)

31
Q

Is an automated, bidirectional cyber-threat indicator method that's used for reporting.

A

Automated Indicator Sharing (AIS)

32
Q

Are key standards and protocols in cybersecurity designed to facilitate the sharing and exchange of cyber threat intelligence.

A

Structured Threat Information eXpression (STIX)/Trusted Automated eXchange of Intelligence Information (TAXII)

33
Q

The process of using analytical methods to forecast security incidents before they occur.

A

Predictive analysis

34
Q

Are geographical representations of attacks showing where packets are coming from and going to.

A

Threat maps

35
Q

Are centralized storage systems used to store digital assets related to software development and IT operations.

A

File/code repositories

36
Q

Are the sets of standards used to define how the Internet and protocols involved in the World Wide Web are established and managed.

A

Request for comments (RFC)

37
Q

Is used to describe how threat agents organize and orchestrate their efforts.

A

Adversary tactics, techniques, and procedures (TTP)