Lesson 2: Compare Threat Types Flashcards
What is a vulnerability?
A weakness in a system that can be exploited, such as insecure passwords or software flaws.
This can lead to unauthorized access or data breaches.
What does a threat refer to in cybersecurity?
The potential for a vulnerability to be exploited, often carried out by a threat actor or vector.
Understanding the nature of the threat is crucial for Risk Management.
Define risk in the context of cybersecurity.
The combination of the likelihood of a vulnerability being exploited and the potential impact of such an exploitation.
Risk assessment is essential for prioritizing security measures.
What distinguishes internal threat actors from external threat actors?
Provide examples of each.
Internal threat actors have authorized access, while external actors must breach security measures.
Internal: Employees
External: Hackers
How do the sophistication and capability of threat actors vary?
They range from amateurs using basic tools to sophisticated groups employing advanced techniques, often influenced by their resources.
What types of funding may high-capability threat actors have?
They may be state-sponsored or part of organized crime, providing significant resources for their activities.
What are hackers?
Individuals who gain unauthorized access to systems, categorized into ethical (white hat) and malicious (black hat) hackers.
Who are hacktivists?
Groups that use hacking to promote political agendas, often through service disruptions or data leaks.
What are nation-state actors known for?
Engaging in advanced persistent threats (APTs) for espionage and disinformation, often with significant resources and capabilities.
What is the definition of an attack surface?
The attack surface encompasses all points in a system that are vulnerable to exploitation.
This includes network ports, applications, and user interactions.
What is a threat vector?
The specific path taken by threat actors to exploit vulnerabilities.
This can include multistage campaigns and novel attack methods.
List key vectors of attack.
- Vulnerable Software
- Unsupported Systems
- Network Vectors
Explain the Vulnerable Software vector of attack.
Software flaws can be exploited to bypass access controls; regular patching and system consolidation are essential for mitigation.
Explain the Unsupported Software vector of attack.
Systems that are no longer updated pose a high risk due to unpatched vulnerabilities.
Explain the Network Software vector of attack.
Include remote exploits (no credentials needed) and local exploits (require unauthenticated sessions).
What are lure-based vectors?
Involve removable devices (e.g., USB drives with malware) and malicious file types that trick users into executing harmful code.
What are message-based vectors?
Utilize email, SMS, and social media to deliver phishing attacks, often containing malicious links or attachments.
Define social engineering.
Exploits human psychology to manipulate individuals into divulging confidential information or performing actions that compromise security.
What are key techniques used in social engineering?
- Impersonation: Pretending to be someone else
- Pretexting: Creating a fabricated scenario to gain trust
What is phishing?
A common tactic where attackers send spoofed messages to trick users into revealing credentials.
What are Vishing and SMiShing?
Voice-based and text message phishing, respectively, targeting victims through different communication channels.
What is business email compromise?
Targeted attacks against executives to gain access to sensitive information or funds.
What are some mitigation strategies for social engineering?
- Training employees to recognize tactics
- Monitoring email systems
- Securing web interactions