Deck E Prt. 2 Flashcards
Operational Threat Intelligence
Is the data that is collected from sources such as humans, social media, and chat rooms, as well as from events that resulted in cyberattacks. In this process, the analyst prepares a report that includes identified malicious activities, recommended courses of action, and warnings for emerging attacks.
Operational Threat Intelligence
Is obtained by analyzing human behavior, threat groups, and so on. This information helps in predicting future attacks and thus enhancing incident response plans and mitigation strategies as required. Operational threat intelligence is generally in the form of a report that contains identified malicious activities, recommended courses of action, and warnings of emerging attacks.
Operational Threat Intelligence
Is about uncovering specific incoming attacks before they happen. Most operational threat intelligence comes from closed sources, although some threat actors discuss their plans via social media or public chat rooms. Operational threat intelligence provides information about specific threats against the organization.
PCI-DSS
Stands for Payment Card Industry Data Security Standard. It is the security standard applicable to a credit card company.
PGP
Is used for securing email messages. It is encryption software, a free implementation of the OpenPGP standard that uses both symmetric key cryptography and asymmetric key cryptography for improved speed and secure key exchange.
Pharming
Uses malicious code to redirect users' web traffic. Once redirected to these fake websites, users are prompted to enter personal information, which is then used to commit identity theft or financial fraud.
Phishing Attack
Makes the victim open the fraudulent email and click on the malicious attachment. This results in the malicious attachment being downloaded and fileless malware being injected onto the software.
Preparation Phase
In the incident handling process, the preparation phase is responsible for defining rules, collaborating with the human workforce, creating a backup plan, and testing the plans for an organization.
Promiscuous Mode
Is the type of configuration that allows a wired or wireless network interface controller to pass all the traffic it receives to the CPU (central processing unit), rather than passing only the frames that the controller is intended to receive.
Public Key Cryptography
Examples of public key cryptography are: PGP (Pretty Good Privacy), SSL (Secure Sockets Layer), IKE (Internet Key Exchange).
SMTP Enumeration
In SMTP enumeration, the two internal commands VRFY and EXPN provide a confirmation of valid users, email addresses, aliases, and mailing lists.
STP Manipulation Attack
After launching the STP manipulation attack, the attacker creates a SPAN entry on the spoofed root bridge and redirects the traffic to his computer.
Scareware Attack
A scareware attack tries to scare you with something that is a hoax, such as when a pop-up appears to a user stating: "This computer may have been infected with spyware. Click here to install an anti-spyware tool to resolve this issue."
Spearphone Attack
Exploits the hardware of the phone so the attacker can monitor the loudspeaker output from data sources such as voice assistants, multimedia messages, and audio files by using a malicious app to breach speech privacy. The Spearphone attack breaches speech privacy by exploiting the motion sensor (accelerometer) and capturing speech reverberations generated through the loudspeaker.
Split DNS
Is a DNS configuration in which the organization has one DNS (Domain Name Server) in a DMZ (demilitarized zone) and a second DNS server on the internal network. A split DNS infrastructure is a solution to the problem of using the same domain name for internally and externally accessible resources.