2. Cybersecurity Threat Landscape

Question 1

Shadow IT

Answer 1

Where individuals and groups seek out their own technology solutions.

Question 2

Threat Vectors

Answer 2

The means that threat actors use to obtain access.

Question 3

IoC’s

Answer 3

Indicators of Compromise

Telltale signs that an attack has taken place. May include file signatures, log patterns, and other evidence left behind by attackers.

Question 4

STIX

Answer 4

Structured Threat Information Expression.

An XML language that defines a threat by 12 domain objects including: attack patterns, identities, malware, threat actors, and tools.

Question 5

TAXII

Answer 5

Trusted Automatic Exchange of Indicator Information.

Intended to allow cyber threat information to be communicated at the application layer via HTTPS.

Question 6

OpenIOC

Answer 6

Open Indicators of Compromise.

Also an XML based framework. Typically includes metadata like the author, the name of the IOC, and a description of the indicator. May also include details of the actual compromise(s) that led to the indicator’s discovery.

Question 7

ISACs

Answer 7

Information Sharing and Analysis Centers.

Help infrastructure owners and owners share threat information and provide tools and assistance to their members.

Question 8

TTPs

Answer 8

Tactics, Techniques, and Procedures.

Question 9

Internet RFC’s

Answer 9

Internet Request for Comments.

Informative documents that contain technical specifications for internet protocols.