Chapter 1 Flashcards
Define Amateurs, Threat actors are individuals or groups of individuals who perform cyberattacks.
also known as script kiddies, have little or no skill. They often use existing tools or instructions found on the internet to launch attacks. Some are just curious, while others try to demonstrate their skills by causing harm. Even though they are using basic tools, the results can still be devastating.
Define Hacktivists
are hackers who protest against a variety of political and social ideas. Hacktivists publicly protest against organizations or governments by posting articles and videos, leaking sensitive information, and disrupting web services with illegitimate traffic in distributed denial of service (DDoS) attacks.
Define Financial Gain
Much of the hacking activity that consistently threatens our security is motivated by financial gain. These cybercriminals want to gain access to our bank accounts, personal data, and anything else they can leverage to generate cash flow.
Define Trade Secrets and Global Politics
In the past several years, we have heard many stories about nation states hacking other countries, or otherwise interfering with internal politics. Nation states are also interested in using cyberspace for industrial espionage. The theft of intellectual property can give a country a significant advantage in international trade.
Defending against the fallout from state-sponsored cyberespionage and cyberwarfare will continue to be a priority for cybersecurity professionals.
An attacker sends a piece of malware as an email attachment to employees in a company. What is one probable purpose of the attack?
The purpose of a typical malware attack is to disrupt computer operations, gather sensitive information, or gain access to a private computer system.
What is cyberwarfare?
Its objective is to disrupt (availability), corrupt (integrity) or exploit (confidentiality or privacy).
What type of malware has the primary objective of spreading across the network?
The main purpose of a worm is to self-replicate and propagate across the network. A virus is a type of malicious software that needs a user to spread. A trojan horse is not self-replicating and disguises itself as a legitimate application when it is not. A botnet is a series of zombie computers working together to wage a network attack.
What is a potential risk when using a free and open wireless hotspot in a public location?
Many free and open wireless hotspots operate with no authentication or weak authentication mechanisms. Attackers could easily capture the network traffic in and out of such a hotspot and steal user information. In addition, attackers might set up a “rogue” wireless hotspot to attract unsuspecting users to it and then collect information from those users.
At the request of investors, a company is proceeding with cyber attribution with a particular attack that was conducted from an external source. Which security term is used to describe the person or device responsible for the attack?
Some people may use the common word of “hacker” to describe a threat actor. A threat actor is an entity that is involved with an incident that impacts or has the potential to impact an organization in such a way that it is considered a security risk or threat.
What name is given to an amateur hacker?
Script kiddies is a term used to describe inexperienced hackers.
What commonly motivates cybercriminals to attack networks as compared to hacktivists or state-sponsored hackers?
Cybercriminals are commonly motivated by money. Hackers are known to hack for status. Cyberterrorists are motivated to commit cybercrimes for religious or political reasons.
What is a botnet?
One method of executing a DDoS attack involves using a botnet. A botnet builds or purchases a botnet of zombie hosts, which is a group of infected devices. The zombies continue to create more zombies which carry out the DDoS attack.
What is the best definition of personally identifiable information (PII)?
Personally identifiable information (PII) is data that could be used to distinguish the identity of an individual, such as mother’s maiden name, social security number, and/or date of birth.
What is a rogue wireless hotspot?
A rogue wireless hotspot is a wireless access point running in a business or an organization without the official permission from the business or organization.
What was used as a cyberwarfare weapon to attack a uranium enrichment facility in Iran?
The Stuxnet malware program is an excellent example of a sophisticated cyberwarfare weapon. In 2010, it was used to attack programmable logic controllers that operated uranium enrichment centrifuges in Iran.
