Classifying Threats Flashcards

1
Q

Documented Exploits

A

A piece of software, data or sequence of commands that takes advantage of a vulnerability to cause unintended behavior or to gain unauthorized access to sensitive data

2
Q

Known Unknowns

A

A classification of malware that contains obfuscation techniques to
circumvent signature-matching and detection

3
Q

APT

A

Advanced Persistent Threat: an attacker, typically a well-resourced and often state-sponsored group, that establishes a long-term, covert presence on a network in order to gather sensitive information

4
Q

Commodity Malware

A

Malicious software applications that are widely available for sale or easily obtainable and usable

5
Q

Reputation Data

A

Blacklists of known threat sources, such as malware signatures, IP address ranges, and DNS domains

6
Q

IoC

A

A residual sign that an asset or network has been successfully attacked or is continuing to be attacked

7
Q

IoA

A

A term used for evidence of an intrusion attempt that is in
progress

8
Q

Behavioral Threat Research

A

Correlation of IoCs into attack patterns

9
Q

TTP

A

Tactics, Techniques, and Procedures: the behavior patterns used in historical cyberattacks and adversary actions, which are more durable for detection than individual IoCs because an attacker changes tools and infrastructure far more easily than methods

10
Q

Fast Flux DNS

A

A technique that rapidly changes the IP addresses associated with a domain, typically by advertising a large rotating pool of compromised hosts with very short DNS TTLs, so that the attacker's infrastructure is hard to block or take down

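
The definition above describes what fast flux looks like from the resolver's side, so here is an added detection example (written for this page, not code from the flashcard source) that looks for it in DNS resolver logs: many distinct answers across several networks for one name inside a short window, all with short TTLs. The log format and the sample lines are constructed for the example; the thresholds are assumptions to tune against your own traffic.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample resolver log, not taken from any real capture.
# Assumed line format: "<iso-timestamp> <client-ip> <qname> A <answer-ip> ttl=<seconds>"
SAMPLE_DNS_LOG = """\
2024-03-01T10:00:00 10.0.0.5 update.example.net A 198.51.100.10 ttl=120
2024-03-01T10:02:30 10.0.0.7 update.example.net A 198.51.100.10 ttl=120
2024-03-01T10:00:05 10.0.0.5 cdn.fastflux-test.invalid A 203.0.113.11 ttl=60
2024-03-01T10:01:10 10.0.0.6 cdn.fastflux-test.invalid A 203.0.113.57 ttl=60
2024-03-01T10:02:15 10.0.0.8 cdn.fastflux-test.invalid A 192.0.2.140 ttl=60
2024-03-01T10:03:20 10.0.0.5 cdn.fastflux-test.invalid A 198.51.100.99 ttl=60
2024-03-01T10:04:25 10.0.0.9 cdn.fastflux-test.invalid A 203.0.113.200 ttl=60
2024-03-01T10:05:30 10.0.0.7 cdn.fastflux-test.invalid A 192.0.2.33 ttl=60
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<client>\S+) (?P<qname>\S+) A "
    r"(?P<ip>\d{1,3}(?:\.\d{1,3}){3}) ttl=(?P<ttl>\d+)$"
)


def parse_dns_log(text):
    """Parse A-record answers out of the log; malformed lines are skipped."""
    records = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        records.append({
            "ts": datetime.fromisoformat(m["ts"]),
            "qname": m["qname"].lower().rstrip("."),
            "ip": m["ip"],
            "ttl": int(m["ttl"]),
        })
    return records


def slash24(ip):
    """Coarse proxy for 'a different network': the /24 the address sits in."""
    return ".".join(ip.split(".")[:3]) + ".0/24"


def find_fast_flux(records, min_ips=4, min_networks=3, max_ttl=300, window_minutes=10):
    """Flag names that, within any sliding window, resolve to many addresses
    spread over several networks while advertising short TTLs.
    Returns {qname: stats} for the names that trip the thresholds."""
    by_name = defaultdict(list)
    for r in records:
        by_name[r["qname"]].append(r)
    flagged = {}
    for qname, recs in by_name.items():
        recs.sort(key=lambda r: r["ts"])
        for i, first in enumerate(recs):
            window = [r for r in recs[i:]
                      if (r["ts"] - first["ts"]).total_seconds() <= window_minutes * 60]
            ips = {r["ip"] for r in window}
            nets = {slash24(r["ip"]) for r in window}
            max_seen_ttl = max(r["ttl"] for r in window)
            if len(ips) >= min_ips and len(nets) >= min_networks and max_seen_ttl <= max_ttl:
                flagged[qname] = {"distinct_ips": len(ips),
                                  "distinct_nets": len(nets),
                                  "max_ttl": max_seen_ttl}
                break
    return flagged


if __name__ == "__main__":
    for name, stats in find_fast_flux(parse_dns_log(SAMPLE_DNS_LOG)).items():
        print(f"possible fast flux: {name} {stats}")
```

Legitimate CDNs and round-robin load balancers also hand out short TTLs and several addresses, so treat a hit as a lead for reputation lookups and ASN diversity checks rather than a verdict, and keep an allowlist of known CDN names to cut the noise.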
11
Q

Lockheed Martin Kill Chain

A

Describes the stages by which a threat actor progresses a network
intrusion

12
Q

Lockheed Martin Kill Chain STEPS

A

Reconnaissance - attacker selects the target and gathers information to decide on a method of attack
Weaponization - attacker couples an exploit with a payload to create deliverable malicious code
Delivery - attacker identifies a vector (email attachment, web link, removable media) to transmit the weaponized code to the target
Exploitation - the code executes on the target system, triggering the vulnerability
Installation - the code installs a backdoor or remote access tool so the attacker persists on the system
C2 - the implant establishes a command and control channel; the attacker takes control and downloads additional tools
Actions on Objectives - the attacker achieves the goal, such as data exfiltration

13
Q

MITRE ATT&CK Framework

A

A knowledge base maintained by the MITRE Corporation for listing and explaining specific adversary tactics, techniques, and common knowledge or procedures (attack.mitre.org)

14
Q

Diamond Model of Intrusion Analysis

A

A framework for analyzing cybersecurity incidents and intrusions by
exploring the relationships between four core features: adversary,
capability, infrastructure, and victim

15
Q

STIX

A

Structured Threat Information eXpression: a standard terminology (in STIX 2.x a JSON-based data model) for describing IoCs, threat actors, malware, campaigns and the other objects of threat intelligence, plus ways of indicating relationships between them; it is maintained by the OASIS Cyber Threat Intelligence (CTI) technical committee

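
The card describes STIX as terminology plus relationships, and the practical value is that a matching indicator can be walked to the malware or actor it "indicates". Here is an added example (written for this page, not from the flashcard source or from OASIS) that builds a small STIX 2.1 bundle by hand and evaluates a deliberately reduced subset of the STIX pattern language against an observation. The indicator, malware name, domain and address are constructed; for production use the `stix2` and `stix2-patterns` libraries, which implement the full grammar.

```python
import json
import re
import uuid
from datetime import datetime, timezone

COMPARISON_RE = re.compile(r"(?P<obj>[\w-]+):(?P<prop>[\w.]+)\s*=\s*'(?P<val>[^']*)'")


def _now():
    return datetime.now(timezone.utc).strftime("%Y-%m-%dT%H:%M:%S.000Z")


def _sid(kind):
    # STIX identifiers have the form "<type>--<UUID>"
    return f"{kind}--{uuid.uuid4()}"


def _common(kind, **fields):
    obj = {"type": kind, "spec_version": "2.1", "id": _sid(kind),
           "created": _now(), "modified": _now()}
    obj.update(fields)
    return obj


def make_indicator(name, pattern):
    return _common("indicator", name=name, pattern=pattern, pattern_type="stix",
                   valid_from=_now(), indicator_types=["malicious-activity"])


def make_malware(name):
    return _common("malware", name=name, is_family=True)


def make_relationship(source, relationship_type, target):
    return _common("relationship", relationship_type=relationship_type,
                   source_ref=source["id"], target_ref=target["id"])


def make_bundle(*objects):
    return {"type": "bundle", "id": _sid("bundle"), "objects": list(objects)}


def to_json(bundle):
    return json.dumps(bundle, indent=2)


def _eval_comparison(comparison, observation):
    m = COMPARISON_RE.fullmatch(comparison.strip())
    if not m:
        raise ValueError(f"unsupported comparison: {comparison!r}")
    return observation.get(f"{m['obj']}:{m['prop']}") == m["val"]


def pattern_matches(pattern, observation):
    """Evaluate one bracketed observation expression such as
    [domain-name:value = 'x' OR ipv4-addr:value = 'y'] against a flat
    observation dict {'<object>:<property>': value}.  Only '=' joined by
    AND/OR is handled; MATCHES, LIKE, timing qualifiers and multiple
    observation expressions are deliberately out of scope here."""
    body = pattern.strip()
    if not (body.startswith("[") and body.endswith("]")):
        raise ValueError("only a single bracketed observation expression is supported")
    body = body[1:-1]
    return any(all(_eval_comparison(c, observation) for c in conj.split(" AND "))
               for conj in body.split(" OR "))


def indicators_hit(bundle, observation):
    """Return [(indicator name, [names of the objects it 'indicates'])] for
    every indicator whose pattern matches; walking the relationships is what
    turns a raw IoC hit into attributed intelligence."""
    by_id = {o["id"]: o for o in bundle["objects"]}
    hits = []
    for obj in bundle["objects"]:
        if obj["type"] != "indicator" or not pattern_matches(obj["pattern"], observation):
            continue
        related = [by_id[r["target_ref"]]["name"] for r in bundle["objects"]
                   if r["type"] == "relationship" and r["source_ref"] == obj["id"]
                   and r["relationship_type"] == "indicates"]
        hits.append((obj["name"], related))
    return hits


def build_example_bundle():
    # Constructed sample intel for illustration; not a real campaign or malware family.
    malware = make_malware("ExampleLoader")
    indicator = make_indicator(
        "ExampleLoader C2 infrastructure",
        "[domain-name:value = 'c2.example.invalid' OR ipv4-addr:value = '203.0.113.5']")
    return make_bundle(indicator, malware, make_relationship(indicator, "indicates", malware))


if __name__ == "__main__":
    bundle = build_example_bundle()
    print(to_json(bundle))
    print(indicators_hit(bundle, {"domain-name:value": "c2.example.invalid"}))
```

The bundle is plain JSON, which is exactly what a TAXII server hands out from a collection; the matcher is the piece a SOC adds on top to decide whether an observed domain or address is covered by the feed.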
16
Q

TAXII

A

Trusted Automated eXchange of Intelligence Information: an HTTPS-based application-layer protocol, also from the OASIS CTI technical committee, for exchanging threat intelligence (typically STIX content) between a server's collections and its clients; TAXII handles transport and access control, not the format of the indicators themselves

17
Q

OpenIOC

A

A framework by Mandiant that uses XML-formatted files for supplying codified information to automate incident detection and analysis
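
Because OpenIOC definitions are nested AND/OR trees of indicator items rather than flat lists, matching one against a host means evaluating that logic, not just grepping for hashes. Here is an added example (written for this page, not Mandiant's code) that parses an OpenIOC 1.0 document and evaluates it against a host artifact snapshot. The IoC document, the hashes, names and paths, and the host snapshots are all constructed; the `search` terms follow the FileItem/ProcessItem naming used by the format, and only the `is` and `contains` conditions are implemented.

```python
import xml.etree.ElementTree as ET

NS = {"ioc": "http://schemas.mandiant.com/2010/ioc"}

# Constructed OpenIOC 1.0 document; the hash, process names and paths are made up.
SAMPLE_OPENIOC = r"""<ioc xmlns="http://schemas.mandiant.com/2010/ioc" id="00000000-0000-4000-8000-000000000001" last-modified="2024-03-01T00:00:00">
  <short_description>Constructed example loader</short_description>
  <definition>
    <Indicator operator="OR" id="00000000-0000-4000-8000-000000000002">
      <IndicatorItem id="00000000-0000-4000-8000-000000000003" condition="is">
        <Context document="FileItem" search="FileItem/Md5sum" type="mir"/>
        <Content type="md5">d41d8cd98f00b204e9800998ecf8427e</Content>
      </IndicatorItem>
      <Indicator operator="AND" id="00000000-0000-4000-8000-000000000004">
        <IndicatorItem id="00000000-0000-4000-8000-000000000005" condition="contains">
          <Context document="ProcessItem" search="ProcessItem/name" type="mir"/>
          <Content type="string">svchost</Content>
        </IndicatorItem>
        <IndicatorItem id="00000000-0000-4000-8000-000000000006" condition="is">
          <Context document="ProcessItem" search="ProcessItem/path" type="mir"/>
          <Content type="string">C:\Users\Public\svchost.exe</Content>
        </IndicatorItem>
      </Indicator>
    </Indicator>
  </definition>
</ioc>
"""

# Constructed host artifact snapshots, keyed by the OpenIOC "search" term.
INFECTED_HOST = {
    "FileItem/Md5sum": ["9e107d9d372bb6826bd81d3542a419d6"],
    "ProcessItem/name": ["explorer.exe", "svchost.exe", "svchost.exe"],
    "ProcessItem/path": [r"C:\Windows\System32\svchost.exe", r"C:\Users\Public\svchost.exe"],
}
CLEAN_HOST = {
    "FileItem/Md5sum": ["9e107d9d372bb6826bd81d3542a419d6"],
    "ProcessItem/name": ["explorer.exe", "svchost.exe"],
    "ProcessItem/path": [r"C:\Windows\System32\svchost.exe"],
}


def _q(tag):
    return f"{{{NS['ioc']}}}{tag}"


def _parse_indicator(el):
    node = {"operator": el.get("operator", "OR").upper(), "items": [], "children": []}
    for child in el:
        if child.tag == _q("IndicatorItem"):
            ctx = child.find("ioc:Context", NS)
            node["items"].append({
                "condition": child.get("condition", "is"),
                "search": ctx.get("search"),
                "content": child.findtext("ioc:Content", default="", namespaces=NS),
            })
        elif child.tag == _q("Indicator"):
            node["children"].append(_parse_indicator(child))
    return node


def parse_openioc(xml_text):
    """Parse an OpenIOC document into {'id', 'description', 'definition'}, where
    definition is a nested AND/OR tree.  Swap in defusedxml.ElementTree when the
    IoC files come from an untrusted feed."""
    root = ET.fromstring(xml_text)
    if root.tag != _q("ioc"):
        raise ValueError("not an OpenIOC document")
    top = root.find("ioc:definition/ioc:Indicator", NS)
    return {
        "id": root.get("id"),
        "description": root.findtext("ioc:short_description", default="", namespaces=NS),
        "definition": _parse_indicator(top),
    }


def _item_matches(item, host):
    observed = host.get(item["search"], [])
    want = item["content"].lower()          # simplification: compare case-insensitively
    if item["condition"] == "is":
        return any(v.lower() == want for v in observed)
    if item["condition"] == "contains":
        return any(want in v.lower() for v in observed)
    raise ValueError(f"unsupported condition {item['condition']!r}")


def evaluate(node, host):
    """Evaluate the AND/OR tree against a host snapshot; an empty node never matches."""
    results = [_item_matches(i, host) for i in node["items"]]
    results += [evaluate(c, host) for c in node["children"]]
    if not results:
        return False
    return all(results) if node["operator"] == "AND" else any(results)


if __name__ == "__main__":
    ioc = parse_openioc(SAMPLE_OPENIOC)
    print(ioc["description"], "infected host:", evaluate(ioc["definition"], INFECTED_HOST))
    print(ioc["description"], "clean host:", evaluate(ioc["definition"], CLEAN_HOST))
```

The clean host also runs a process called svchost.exe, so the `contains` item alone would fire on every Windows machine; the AND with the unusual path is what keeps the definition precise, which is the reason the format carries logic rather than a bare list.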

18
Q

MISP

A

MISP (Malware Information Sharing Platform) provides an open-source server platform for cyber threat intelligence sharing; it uses its own JSON-based event and attribute format, supports OpenIOC definitions, and can import and export STIX over TAXII