Brainscape's Knowledge GenomeTM

Browse over 1 million classes created by top students, professors, publishers, and experts.


See full index

CySA+ 003 > General > Flashcards

General Flashcards

1
Q

What are the…

Five phases of the Threat Intellience Cycle

A
  1. Planning & Requirements
  2. Collection & Processing
  3. Analysis
  4. Dissemination
  5. Feedback
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Provide the purpose of…

Planning & Requirements

Threat Intelligence Cycle

A
  • Defining our Goal
  • Staying business-aligned
  • Consider legal restrictions, regulations
  • Determine our most likely threats
  • How would they do us harm?
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Provide the purpose of…

Collection & Processing

Threat Intelligence Cycle

A
  • Gathering of information
  • Maintain consistency to stay organized
  • Automate as much as possible
  • Select appropriate end-points to collect data from
  • Processing & normalizing the collected data

Potential collection end-points include; cloud, phones, routers, servers, apps, laptops, etc…

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Provide the purpose of…

Analysis

Threat Intelligence Cycle

A
  • More data means higher chance to prove an attack is happening
  • Too much data demands automated tools to sift through the data
  • Use of SIEM to automate the correlation of events

Automation could include; Scripts (Bash, Python, PowerShell…)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Provide the purpose of…

Dissemination

Threat Intelligence Cycle

A
  • Internally communicating the findings
  • Selecting the appropriate audience(s)
  • Communicate the findings to EACH of the audiences. (See types)
  • Outside communication? Potentially.

  • Types
  • Strategic Intelligence
  • Operational Intelligence
  • Tactical Intelligence
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Provide the purpose of…

Feedback

Threat Intelligence Cycle

A
  • New findings, new information
  • Lessons Learned from previous steps
  • New discoveries since last time
  • New tactics to imploy?
  • Assign clear list of people, a clear list of tasks to make the cycle better
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Whats the time frame of…

Strategic Intelligence

A

Long-term goals

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Whats the time frame of…

Operational Intelligence

A

Shorter-term goals

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Whats the time frame of…

Tactical Intelligence

A

Real-time goals

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

What is…

Security Intelligence

A

How secure are we?

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

What is…

Cyber Threat Intelligence

A

How threatening is the world?
* Narrative Sources
* Threat Feeds

Threat feeds are online resources that can be queried. Flow of known vulnerabilities, IP addresses, anti-virus softwares, necessary patches, real-time attacks, etc…

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

What is… used for?

Historical / Trend Analysis

A

Used to indicator potential threats

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Describe what… is used for

Reconnaisance

As a defender

A
  • What could an attacker find out about us?
  • Use of OSINT tools to automate some of the process

Use of open-sourced (public) data to analysis a target (e.g. Social Media, websites, job descriptions, LinkedIN)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

What does … stand for?

OSINT

A

Open-source Intelligence

The process of gathering and analyzing publicly available information to assess threats, make decisions, and/or answer specific questions.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

What is a … ?

zone transfer

A

Usually used to transfer DNS to new server; however could be used to fetch ALL DNS server information if misconfigured poorly

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

What are … used for?

Website Rippers

A

Clones the entire target website

Used for interacting with the website and see potential vulnerabilities

17
Q

What are important for … ?

Confidence Levels

Information source

A
  • Timeliness (up to date?)
  • Relevancy
  • Accuracy
  • Fake News?
18
Q

What is the … ?

Admiralty System

A

A method for evaluating a source and the credibility of an information source

19
Q

What is … used for?

Information Sharing and Analysis Centers

A

Sources for industry specific security information

20
Q

Whats the purpose of … ?

Vulnerability Management

A

Keep an overview of security holes within organization

meltdown / spectre are two classic vulnerabilities to be aware of

enables us to patch problem before they get exploited

21
Q

What does the process of … look like?

Vulnerability Management

A
  • Assign responsibilities
  • Document EVERYTHING
  • Keep management excited about this
  • Track all inventory
  • Assign a business risk to each item, in order to prioritize when things fall a part
  • Select the appropriate tools
  • Scan for vulnerabilities
  • Fix ASAP
  • Dont forget about it, continuous process
22
Q

What are … ?

Unknown Threats

A

Threats that only present themselves via behaviors (aka breaks the mould)

Very advanced malware or Zero-day vulnerability

23
Q

Describe the … ?

The Johari Window

A
  • Known Knowns - we know what to do, just need to act
  • Known Unknowns - Aware but not sure how to implement
  • Unknown Knowns - Could understand but not aware of
  • Unknown Unknowns - Dont know how little you know
24
Q

Describe the behavior of …

APT

A

Advanced coordinated group(s) with the ability to establish persistent presence. Malicious actors by nature.

CYSA Exam - Well funded, Governmentally supported
Technically - Anyone with ability to break into something

25
Q

What is … all about?

Organized Crime

A

All about stealing stuff

26
Q

What is … all about?

Cyberterrorism

A

Engage in acts with no financial reason

Watch the world burn

27
Q

What is … all about?

Hacktivists

A

Moral justice, political agenda

Form of digital protest

28
Q

What is … all about?

Nation-States

A
  • Nation sponsored hacker groups
  • Focused on military/commercial advantage

Closely related to APTs

29
Q

What is … all about?

Script Kiddies

A

Beginner level hackers that employ commodity malware/scripts to perform attacks

30
Q

What is … all about?

Recreational Hackers

A
  • Non-dangerous
  • Hacking competitions
  • Capture the Flag contests
31
Q

What is … all about?

Professional hackers

A
  • Security auditors
  • Penetration testers
  • Security researchers who report their findings immediately
32
Q

What is … all about?

Suicide hackers

A
  • Nothing to loss
  • Desperate to reach their goals
33
Q

What is … all about?

Insider Threats

A
  • Present / former colleague
  • Already given permissions
  • Trusted creditionals
34
Q

What is … ?

Shadow IT

A
  • Integrating devices / software / cloud services into the company without the knowledge of company IT

Mobile devices, hidden switches, cloud services,

35
Q

What is … ?

Commodity Malware

A
  • Highly available, malicious software
  • Under funded actors imploy
  • APTs even start attacks using commodity malware to remain hidden

CySA+ 003 (4 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2024 Bold Learning Solutions. Terms and Conditions