(8) Threats and the Compute Environment

Question 1

What is adversary capability?

Answer 1

Adversary capability involves the resources, ability, and intent of threat actors or orgs

Question 2

What is an attack vector?

Answer 2

An attack vector is the means as to how an attacker can access their target

Question 3

What is threat modeling based off of?

Answer 3

Threat modeling is based off of a lot of different factors, such as the ability of the threat actor, the attack surface, potential attack vectors, the impact of a successful attack and the chance that an attack may succeed

Question 4

What is threat reputation?

Answer 4

Threat reputation is where a company or workgroup does research to consider “What has this person done in the past and what are the chances that they would do it again given some variables?”

Question 5

When it comes to reviewing the company’s attack surface, what is edge discovery?

Answer 5

Edge discovery is about scanning that reveals any systems or devices that are publicly exposed by scanning the company’s IP addresses

Question 6

When it comes to reviewing the company’s attack surface, what is passive discovery?

Answer 6

Passive discovery involves techniques that monitor inbound and outbound traffic to detect devices that were missed during discovery operations

Question 7

When it comes to reviewing the company’s attack surface, what is security controls testing?

Answer 7

Security controls testing is such that makes sure that the org’s defenses are working correctly

Question 8

When it comes to reviewing the company’s attack surface, what is penetration testing and adversary emulation?

Answer 8

Penetration testing and adversary emulation is all about simulating an actual attack to see if there are any issues in the org’s security controls

Question 9

What is attack surface reduction?

Answer 9

Attack surface reduction involves any changes to the computing environment that happen to help lower the ways that an enemy may try to attack