Module 2.2 Flashcards
(22 cards)
A potential danger to an asset such as data or the network itself.
Threat
A weakness in a system or its design that a threat could exploit.
Vulnerability
The total sum of the vulnerabilities in a given system that are accessible to an attacker. It describes different points where an attacker could get into a system and where they could get data out of the system.
Attack surface
The mechanism that is used to leverage a vulnerability to compromise an asset. It may be remote or local.
Exploit
The likelihood that a particular threat will exploit a specific vulnerability of an asset and result in an undesirable consequence.
Risk
Works over the network without prior access to the target system. The attacker does not need an account in the end system to exploit the vulnerability.
Remote exploit
The threat actor has some user or administrative access to the end system. A local exploit does not necessarily mean the attacker has physical access to the end system.
Local exploit
This is when the cost of risk management options outweighs the cost of the risk itself. The risk is accepted, and no action is taken.
Risk acceptance
This means avoiding any exposure to the risk by eliminating the activity or device that presents the danger. When an activity is removed to prevent risk, any possible benefits from that activity are also lost.
Risk avoidance
This reduces exposure to risk or the impact of risk by taking action to decrease the risk. It is the most commonly used risk mitigation strategy. This strategy requires careful evaluation of the costs of loss, the mitigation strategy, and the benefits gained from the operation or activity at risk.
Risk reduction
Some or all of the risk is transferred to a willing third party, such as an insurance company.
Risk transfer
Ethical hackers who use their programming skills for good, ethical, and legal purposes.
White hat hackers
Individuals who commit crimes and do arguably unethical things, but not for personal gain or to cause damage.
Grey hat hackers
Unethical criminals who violate computer and network security for personal gain or for malicious reasons, such as attacking networks. They exploit vulnerabilities to compromise computer and network systems.
Black hat hackers
Emerged in the 1990s and refers to teenagers or inexperienced threat actors running existing scripts, tools, and exploits to cause harm, but typically not for profit.
Script kiddies
Typically refers to grey hat hackers who attempt to discover exploits and report them to vendors, sometimes for prizes or rewards.
Vulnerability brokers
A term that refers to grey hat hackers who rally and protest against different political and social ideas. They publicly protest against organizations or governments by posting articles and videos, leaking sensitive information, and performing distributed denial of service (DDoS) attacks.
Hacktivists
A term for black hat hackers who are self-employed or working for large cybercrime organizations. They steal billions of dollars from consumers and businesses each year.
Cybercriminals
Threat actors who steal government secrets, gather intelligence, and sabotage networks of foreign governments, terrorist groups, and corporations.
State-sponsored
Threat actors motivated to make money using any means necessary. They operate in an underground economy where they buy, sell, and trade exploits and tools. They also buy and sell the personal information and intellectual property they steal from victims. They target small businesses, consumers, and large enterprises and industries.
Cybercriminals
Can be features that identify malware files, IP addresses of servers used in attacks, filenames, and characteristic changes made to end system software, among others. Helps cybersecurity personnel identify what has happened in an attack and develop defenses against the attack.
Indicators of Compromise (IOCs)
Focus more on the motivation behind an attack and the potential means by which threat actors have, or will, compromise vulnerabilities to gain access to assets. Concerned with the strategies that attackers use.
Indicators of attack (IOA)