Module 1 Flashcards
A hacker set up an open [blank] wireless hotspot posing as a legitimate wireless network.
Rogue
[blank] gathers and encrypts corporate data. The attackers hold the company’s data for ransom until they are paid.
Ransomware
- Infiltrated the Windows operating system.
- Targeted Step 7 software that controls programmable logic controllers (PLCs) to damage the centrifuges in nuclear facilities.
- Transmitted from the infected USB drives into the PLCs eventually damaging many centrifuges.
Stuxnet Worm
- Known as script kiddies.
- Have little or no skill.
- Use existing tools or instructions found on the Internet to launch attacks.
Amateurs
Protest against organizations or governments.
- Posts articles and videos.
- Leak information.
- Disrupt web services with DDoS attacks.
Hacktivists
Much hacking activity is motivated by [blank].
Cybercriminals want to generate cash flow
Financial gain
Nation states are also interested in using cyberspace.
- Hacking other countries
- Interfering with internal politics
- Industrial espionage
- Gain significant advantage in international trade
Trade Secrets and Global Politics
Connected things to improve quality of life.
Internet of Things (IoT)
- Took down many websites.
- Compromised webcams, DVRs, routers, and other IoT devices formed a botnet.
- The hacker-controlled botnet created the [blank] attack that disabled essential Internet services.
DDoS attack against domain name provider, Dyn
Any information that can be used to positively identify an individual
Personally identifiable information (PII)
Creates and maintains electronic medical records (EMRs)
Protected Health Information (PHI)
Provides a broad range of services:
- Monitoring
- Management
- Comprehensive threat solutions
- Hosted security
Security Operations Centers (SOCs)
Major elements of a SOC
People, Processes, Technology
Begins with monitoring security alert queues
Verifies if an alert triggered in the ticketing software represents a true security incident
The incident can be forwarded to investigators, or resolved as a false alarm
Tier 1 Alert Analyst
Deep Investigator
Advises remediation
Tier 2 Incident Responder
In-depth knowledge
Threat hunting
Preventive measures
Tier 3 Subject Matter Expert (SME)/Hunter
Manages all the resources of the SOC and serves as the point of contact for the larger organization or customer
SOC Manager
These professionals have expert-level skill in network, endpoint, threat intelligence, and malware reverse engineering
Tier 3 Subject Matter Expert (SME)/Hunter
These professionals are responsible for deep investigation of incidents and advise remediation or action to be taken
Tier 2 Incident Responder
A “five nines” uptime means that the network is up 99.999% of the time (or down for no more than [blank])
5 minutes a year
Provides a valuable first step in acquiring the knowledge and skills needed to work with a SOC team
CCNA Cyber Ops
A vendor neutral IT professional certification
CompTIA Cybersecurity Analyst Certification (CSA+)
An international non-profit organization that offers the highly acclaimed CISSP certification
(ISC)^2 Information Security Certifications