Chapter 2: Threat Management and Cybersecurity Resources Flashcards

1
Q

A type of test that attempts to exploit vulnerabilities just as a threat actor would

A

Penetration test

2
Q

Why should pen testing be carried out?

A

Deep vulnerabilities can only be revealed through a simulated attack using the mindset of an actual threat actor

3
Q

What are 3 advantages to using internal security personnel in a pen test?

A
  1. Low cost
  2. Fast
  3. Enhances training
4
Q

What are 3 disadvantages to using internal security personnel?

A
  1. Insider knowledge
  2. Lack of expertise
  3. Reluctance to reveal findings
5
Q

What are 4 advantages to using external consultants for pen testing?

A
  1. Expertise
  2. Credentials
  3. Experience
  4. Focus
6
Q

What is the primary disadvantage to using external consultants in a pen test?

A

Uncertainty over how the consultant will use or protect the sensitive information discovered during the test

7
Q

A monetary award for uncovering a software vulnerability

A

Bug bounty

8
Q

What are three advantages to crowdsourcing pen testing?

A
  1. Fast
  2. Flexible
  3. Wide scope
9
Q

Scans for vulnerabilities and exploits them in a pen test

A

Red team

10
Q

Monitors for attackers and shores up defenses as necessary in a pen test

A

Blue team

11
Q

Enforces the rules in a pen test

A

White team

12
Q

Provides feedback to defenders and attackers during pen test

A

Purple team

13
Q

A type of pen test where the attackers have no prior knowledge of the network and no special privileges

A

Black box

14
Q

A type of pen test where the attackers are given limited knowledge of the network and some elevated privileges

A

Gray box

15
Q

A type of pen test where attackers are given full knowledge of the network and the source code of applications

A

White box

16
Q

Limitations or parameters on the pen test

A

Rules of engagement

17
Q

What are 7 elements of the rules of engagement?

A
  1. Timing
  2. Scope
  3. Authorization
  4. Exploitation
  5. Communication
  6. Cleanup
  7. Reporting
18
Q

Less technical element of a report aimed at those in charge

A

Executive summary

19
Q

In a pen test, maintaining access to a compromised system after the initial exploitation (for example, by adding accounts, services, or scheduled tasks that survive a reboot or a password change). Not to be confused with load-balancer session persistence, in which a load balancer binds an endpoint to one specific backend server for the duration of a session

A

Persistence

20
Q

Gathering information from outside the organization

A

Footprinting

21
Q

Directly probing for vulnerabilities and useful information

A

Active reconnaissance

22
Q

Searching for wireless signals from an automobile or on foot while using a portable computing device

A

War driving

23
Q

An efficient means of discovering a WiFi signal using drones

A

War flying

24
Q

An unmanned aerial vehicle without a human pilot

A

Drone

25
An aircraft without a human pilot on board to control its flight
Unmanned aerial vehicle (UAV)
26
Searching online for publicly accessible information without directly touching the target's systems
Passive reconnaissance
27
Publicly accessible information
Open source intelligence (OSINT)
28
Gaining access to resources that are normally protected from an application or user
Privilege escalation
29
Using a compromised system as a platform from which to reach and compromise other systems
Pivoting
30
A frequent and ongoing process, often automated, that continuously identifies vulnerabilities and monitors cybersecurity progress
Vulnerability scanning
31
What are 7 ways that a pen test and vulnerability scan are different?
1. Purpose 2. Procedure 3. Frequency 4. Personnel 5. Process 6. Goal 7. Audience
32
What are 2 issues when conducting a vulnerability scan?
1. Workflow interruptions 2. Technical constraints
33
A list of all significant assets
Asset inventory
34
An examination of the software settings for a vulnerability scan
Configuration review
35
Depth of a vulnerability scan
Sensitivity level
36
4 elements of a configuration review include …
1. Define target devices 2. Ensure scan designed to meet intended goals 3. Sensitivity level 4. Specify data types
37
A scan in which valid credentials, such as usernames and passwords, are supplied to the vulnerability scanner to mimic the work of a threat actor who possesses these credentials
Credentialed scan
38
A vulnerability scan that provides no authentication information to the scanner, so it sees only what an unauthenticated attacker would see
Non-credentialed scan
39
A vulnerability scan that attempts to exploit any vulnerabilities it finds, much as a threat actor would
Intrusive scan
40
A vulnerability scan that does not attempt to exploit the vulnerabilities it finds, but only records what was discovered
Non-intrusive scan
41
A numeric rating system (0.0 to 10.0) for the severity of a vulnerability, computed from how exploitable it is and what impact a successful exploit has on confidentiality, integrity, and availability
Common Vulnerability Scoring System (CVSS)
42
A tool that consolidates real-time security monitoring and management of security information with analysis and reporting of security events
Security Information and Event Management (SIEM)
43
Looking at normal behavior of users and how they interact with systems to create a picture of typical activity
User behavior analysis
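Added example (not part of the flashcards): a small script showing what "creating a picture of typical activity" means in practice. It learns, per user, the hours of day and source hosts seen in successful logins during a learning window, then flags later events that fall outside that picture or that show a run of failures. The login events are constructed for illustration, and the rules are simple stand-ins for what a SIEM's user behavior analytics would learn from real data.

```python
"""Baseline-and-deviation user behavior analysis over constructed login events (added example)."""
from collections import defaultdict
from datetime import datetime

# Constructed learning window: (user, ISO timestamp, source host, outcome).
TRAINING = [
    ("alice", "2024-03-04T08:55:00", "wks-01", "success"),
    ("alice", "2024-03-04T09:10:00", "wks-01", "success"),
    ("alice", "2024-03-05T08:40:00", "wks-01", "success"),
    ("alice", "2024-03-06T17:20:00", "wks-01", "success"),
    ("bob",   "2024-03-04T22:05:00", "build-7", "success"),
    ("bob",   "2024-03-05T23:30:00", "build-7", "success"),
    ("bob",   "2024-03-06T01:15:00", "build-7", "success"),
]

# Constructed events to score against the baseline.
NEW_EVENTS = [
    ("alice", "2024-03-11T09:02:00", "wks-01", "success"),   # ordinary for alice
    ("alice", "2024-03-11T03:14:00", "vpn-gw", "success"),   # odd hour and a never-seen host
    ("bob",   "2024-03-11T23:00:00", "build-7", "failure"),
    ("bob",   "2024-03-11T23:01:00", "build-7", "failure"),
    ("bob",   "2024-03-11T23:02:00", "build-7", "failure"),  # third failure in a row
    ("carol", "2024-03-11T12:00:00", "wks-09", "success"),   # user with no history at all
]


def build_baseline(events):
    """Record, per user, the login hours and source hosts seen in successful logins."""
    baseline = defaultdict(lambda: {"hours": set(), "hosts": set()})
    for user, ts, host, outcome in events:
        if outcome != "success":
            continue  # failed attempts do not describe a user's normal behaviour
        baseline[user]["hours"].add(datetime.fromisoformat(ts).hour)
        baseline[user]["hosts"].add(host)
    return baseline


def hour_is_usual(hour, usual_hours, slack):
    """True if hour is within `slack` hours of any hour seen in the baseline (wrapping at midnight)."""
    return any(abs(hour - h) <= slack or abs(hour - h) >= 24 - slack for h in usual_hours)


def score_events(baseline, events, fail_threshold=3, hour_slack=1):
    """Return (user, timestamp, reasons) for each event that deviates from the baseline."""
    alerts = []
    consecutive_failures = defaultdict(int)
    for user, ts, host, outcome in events:
        reasons = []
        if user not in baseline:
            reasons.append("no baseline for user")
        else:
            hour = datetime.fromisoformat(ts).hour
            if not hour_is_usual(hour, baseline[user]["hours"], hour_slack):
                reasons.append(f"unusual hour {hour:02d}")
            if host not in baseline[user]["hosts"]:
                reasons.append(f"new source host {host}")
        if outcome == "failure":
            consecutive_failures[user] += 1
            if consecutive_failures[user] == fail_threshold:
                reasons.append(f"{fail_threshold} consecutive failures")
        else:
            consecutive_failures[user] = 0
        if reasons:
            alerts.append((user, ts, reasons))
    return alerts


if __name__ == "__main__":
    for user, ts, reasons in score_events(build_baseline(TRAINING), NEW_EVENTS):
        print(f"{ts} {user:6s} {'; '.join(reasons)}")
```

Note that bob's late-night logins are not flagged: they are normal for him, which is the point of per-user baselines rather than one fixed "business hours" rule.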
44
The process of computationally identifying and categorizing opinions, usually expressed in response to textual data, in order to determine the writer’s attitude toward a particular topic
Sentiment analysis
45
A tool designed to help security teams manage and respond to the very high number of security warnings and alarms by combining comprehensive data gathering and analytics in order to automate incident response
Security Orchestration, Automation, and Response (SOAR)
46
Proactively searching for cyber threats that this far have gone undetected in a network
Threat hunting
47
Conducting unusual behavior when threat hunting
Maneuvering
48
Cybersecurity data feeds that provide information on the latest threats
Threat feeds
49
A formal repository of information from enterprises and the government used to share information on the latest attacks
Fusion center
50
A series of documented processes used to define policies and procedures for implementation and management of security controls in an enterprise environment
Framework
51
4 NIST Cybersecurity Framework Core elements
1. Functions 2. Categories 3. Subcategories 4. Informative references
52
A guidance document designed to help organizations assess and manage risks to their information and systems
NIST Risk Management Framework
53
A measuring stick against which companies can compare their cybersecurity practices relative to the threats they face
NIST Cybersecurity Framework
54
An ISO standard that specifies the requirements for an information security management system (ISMS)
ISO 27001
55
An extension of ISO 27001 that is a framework for managing privacy controls to reduce the risk of privacy breaches
ISO 27701
56
An ISO "code of practice" for information security management within an organization; the 2013 edition contains 114 control recommendations (the 2022 revision reorganizes them into 93)
ISO 27002
57
An ISO standard that provides principles and guidelines for managing risk (guidance, not a list of controls)
ISO 31000
58
An AICPA System and Organization Controls report on internal controls that reviews how a company safeguards customer data and tests how effectively those controls operated over a review period
SSAE SOC 2 Type II
59
An AICPA System and Organization Controls report on the same controls as SOC 2, written for general use so that it can be freely distributed; this page labels it "SOC 2 Type III", but the AICPA designation is SOC 3
SSAE SOC 2 Type III (SOC 3)
60
A specialized framework of cloud-specific security controls
Cloud Controls Matrix
61
An authoritative document describing a recommended structure and set of components for a type of system, used as a template when designing similar systems
Reference architecture
62
Rules issued by a government or regulatory body that carry the force of law, so that noncompliance can bring legal penalties
Regulations
63
A document approved through consensus by a recognized standardization body
Standards
64
A compliance standard to provide a minimum degree of security for handling customer card information
Payment Card Industry Data Security Standard (PCI DSS)
65
Guidelines for configuring a device or software usually distributed by hardware manufacturers and software developers
Benchmark/Secure Configuration Guide
66
Guidelines that only apply to specific products
Platform/vendor-specific guides
67
Documents published by the Internet Engineering Task Force (IETF), authored by specialists, engineers, and scientists who are experts in those areas, that define Internet protocols and practices
Requests for Comment (RFCs)
68
Cybersecurity information streams which include information on the latest vulnerabilities and threats
1. Vulnerability feeds 2. Threat feeds
69
The documented behavior of threat actors and how they orchestrate and manage attacks, catalogued in knowledge bases such as MITRE ATT&CK
Adversary tactics, techniques, and procedures (TTP)