2A: Explain Threat Actor Types and Attack Vectors

Question 1

Which of the following would be assessed by likelihood and impact: vulnerability, threat, or risk?

Answer 1

Risk

Question 2

True or false? Nation-state actors primarily only pose a risk to another state’s government?

Answer 2

False—nation state actors have targeted commercial interests for theft, espionage, and extortion.

Question 3

You receive an email with a screenshot showing a command prompt at one of your application servers. The email suggests you engage the hacker for a day’s consultancy to patch the vulnerability. How should you categorize this threat?

Answer 3

This is either gray hat (semi-authorized) hacking or black hat (non-authorized) hacking. If the request for compensation via consultancy is an extortion threat (if refused, the hacker sells the exploit on the dark web), then the motivation is purely financial gain and can be categorized as black hat. If the consultancy is refused and the hacker takes no further action, it can be classed as gray hat.

Question 4

Which type of threat actor is primarily motivated by the desire for social change?

Answer 4

Hacktivist

Question 5

Which three types of threat actor are most likely to have high levels of funding?

Answer 5

State actors, criminal syndicates, and competitors.

Question 6

You are assisting with writing an attack surface assessment report for a small company. Review the headings below and determine which two potential attack vectors have been omitted:
Direct access, Email, Remote and wireless, Web and social media, Cloud.

Answer 6

Removable media and supply chain.

Question 7

What is APT

Answer 7

advanced persistent threat

An attacker’s ability to obtain, maintain, and diversify access to network systems using exploits and malware.

Question 8

What is an attack surface

Answer 8

ALL the points at which a network or application receives external connections or inputs/outputs that are potential vectors to be exploited by a threat actor.

Question 9

What is an attack vector?

Answer 9

A specific path by which a threat actor gains unauthorized access to a system. Also referred to as a vector

Question 10

What is a black hat?

Answer 10

A hacker operating with malicious intent.

Question 11

What are criminal syndicates

Answer 11

A type of threat actor that uses hacking and computer fraud for commercial gain. Also referred to as organized crime.

Question 12

what is a gray hat?

Answer 12

A hacker who analyzes networks without seeking authorization, but without overtly malicious intent.

Question 13

What is a hacker?

Answer 13

Often used to refer to someone who breaks into computer systems or spreads viruses

Ethical Hackers prefer to think of themselves as experts on and explorers of computer security systems.

Question 14

What is a hacktivist?

Answer 14

A threat actor that is motivated by a social issue or political cause.

Question 15

What is an insider threat?

Answer 15

A threat actor who has assigned privileges on the system that cause an intentional or unintentional incident.

Question 16

What is an intentional threat?

Answer 16

threat actor with malicious purpose

Question 17

What is a script kiddie?

Answer 17

An inexperienced, unskilled attacker that typically uses tools or scripts created by others.

Question 18

What is shadow IT?

Answer 18

Computer hardware, software, or services used on a private network without authorization from the system owner.

Question 19

What is a state actor?

Answer 19

A type of threat actor that is supported by the resources of its host country’s military and security services. Also referred to as a nation state actor.

Question 20

what is a supply chain attack?

Answer 20

An attack that targets the end-to-end process of manufacturing, distributing, and handling goods and services.

Question 21

what is a threat?

Answer 21

The potential for an entity to exploit a vulnerability/to breach security

Question 22

what is a threat actor?

Answer 22

The person or entity responsible for an event that has been identified as a security incident or as a risk.

Question 23

what is an unintentional threat?

Answer 23

A threat actor that causes a vulnerability or exposes an attack vector without malicious intent.

Question 24

what is a vulnerability?

Answer 24

A weakness that could be triggered accidentally or exploited intentionally to cause a security breach.

`

Question 25

What is risk?

Answer 25

is the likelihood and impact (or consequence) of a threat actor exploiting a vulnerability

Question 26

what is a white hat?

Answer 26

A hacker engaged in authorized penetration testing or other security consultancy.

Question 27

what is an external threat?

Answer 27

one that has no account or authorized access to the target system

Question 28

what is capability?

Answer 28

a threat actor’s ability to craft novel exploit techniques and tools

Question 29

what is the difference in intent and motive>

Answer 29

Intent = goal of the attack (vandalize, disrupt, steal info)
motive = reason for attack (greed, curiosity, grievance)

Question 30

Name examples of hacktivists

Answer 30

Anonymous, Wikileaks, LulzSec

Question 31

Name some attack vectors

Answer 31

Direct Access
Removable Media
Email
Remote / wireless
supply chain
web and social media
clous