2 - Cybersecurity Threat Landscape Flashcards
Explain the following: threat actors, vectors, and intel sources; and know security concerns associated with various vulnerabilities
What measures are commonly used to assess threat intelligence?
Timeliness, Accuracy, and Relevance
What language is STIX based on?
XML
Kolin is a penetration tester. Kolin is working to gain access to a system that belongs to the hospital. What term best describes Kolin’s work?
White Hat (Hacking)
What kind of attack is most likely to be associated with an APT (advanced persistent threat)?
Nation-state Actor
What organizations did the U.S. government help create to help share knowledge between organizations in specific verticals?
ISACs
Which threat actor typically has the greatest access to resources (time, money, skill)?
Nation-state Actors
Which threat vector is most commonly exploited by attackers who are at a distant location?
Who is a good example of a hacktivist group?
Anonymous
What type of assessment is particularly useful for identifying insider threats?
Behavioral
Cindy wants to send threat info via a standardized protocol specifically designed to exchange cyber threat info. What should she use?
TAXII
Greg believes an attacker installed malicious firmware in a network device before it was provided to his org by the supplier. What type of threat vector best describes this attack?
Supply Chain
Ken is doing threat research on Transport Layer Security (TLS) and would like to consult the authoritative reference for the protocol’s technical specification. What resource would best meet his needs?
Internet RFCs
Wendy is scanning cloud-based repositories for sensitive info. What should concern her MOST, if discovered in a public repository?
API Keys
What threat research tool is used to visually display info about the location of threat actors?
Threat Map
Vince recently received the hash values of malicious software that several other firms in his industry found installed on their compromised systems. What term best describes this info?
IoC
Ursula recently discovered that developers are sharing info over a messaging tool provided by a cloud vendor that’s not sanctioned by their org. What term best describes this use of technology?
Shadow IT
Tom’s org recently learned that a vendor is discontinuing support for their customer relationship management system. What should concern Tom most from a security perspective?
Unavailability of Future Patches
What information sources are considered OSINT sources?
DNS Look-Up Services, Search Engine Research, and WHOIS Queries
Edward Snowden was a gov contractor who disclosed sensitive government documents to journalists to uncover what he believed were unethical activities. What terms describe Snowden’s activities from a security perspective?
Insider & Hacktivist
Renee is a cybersecurity hobbyist. She discovers that the URLs for her son’s school’s grade-viewing website contain ID numbers in the web addresses. She immediately reports this finding to the principal. What term best describes Renee’s good work?
Gray-hat (Hacking)