(8) Threats and the Compute Environment Flashcards
What is adversary capability?
Adversary capability involves the resources, ability, and intent of threat actors or orgs
What is an attack vector?
An attack vector is the means as to how an attacker can access their target
What is threat modeling based off of?
Threat modeling is based off of a lot of different factors, such as the ability of the threat actor, the attack surface, potential attack vectors, the impact of a successful attack and the chance that an attack may succeed
What is threat reputation?
Threat reputation is where a company or workgroup does research to consider “What has this person done in the past and what are the chances that they would do it again given some variables?”
When it comes to reviewing the company’s attack surface, what is edge discovery?
Edge discovery is about scanning that reveals any systems or devices that are publicly exposed by scanning the company’s IP addresses
When it comes to reviewing the company’s attack surface, what is passive discovery?
Passive discovery involves techniques that monitor inbound and outbound traffic to detect devices that were missed during discovery operations
When it comes to reviewing the company’s attack surface, what is security controls testing?
Security controls testing is such that makes sure that the org’s defenses are working correctly
When it comes to reviewing the company’s attack surface, what is penetration testing and adversary emulation?
Penetration testing and adversary emulation is all about simulating an actual attack to see if there are any issues in the org’s security controls
What is attack surface reduction?
Attack surface reduction involves any changes to the computing environment that happen to help lower the ways that an enemy may try to attack