Module Two Flashcards
Computer Virus
malicious code written to interfere with computer ops and cause damage to data and software
Malware
software designed to harm devices or networks
Social engineering
manipulation technique that exploits human error to gain private info, access, or valuables
Phishing
use of digital comms to trick people into revealing sensitive data or deploying malicious software
BEC
- business email compromise
threat actor sends an email message that seems to be from a known source to make a request for info, in order to obtain financial advantage
Spear Phishing
malicious email attack that targets specific user or group, email seems to be from trusted source
Whaling
threat actor targets company executives to access sensitive data
Vishing
exploitation of electronic voice comm to obtain sensitive info or to impersonate a known source
Worms
malware that can duplicate and spread itself across systems on its own
- does not need to be downloaded or run by the user
- self-replicates and spreads from an infected computer to other devices on the same network
Ransomware
malicious attack where threat actors encrypt organization’s data and demand payment to restore access
Spyware
malware used to gather and sell info without consent
- can be used to access devices, allowing threat actors to collect personal data
Social Media Phishing
threat actor collects info about target from social media sites, then initiates attack
Watering hole attack
threat actor attacks website frequently visited by a specific group of users
USB baiting
threat actor strategically leaves a malware USB stick for an employee to find and install, to unknowingly infect a network
Physical social engineering
threat actor impersonates an employee, customer, or vendor to obtain unauthorized access to a physical location
Social Engineering Principles
- authority
- intimidation
- consensus/social proof
- scarcity
- familiarity
- trust
- urgency
CISSP Security Domains
- Certified Info Systems Security Professional
- 8 domains to organize the work of security professionals
Security and risk management
defines security goals and objectives, risk mitigation, compliance, business continuity, and the law
- ex: updating company policies for private health info due to changes to HIPAA
Asset Security
secures digital/physical assets, also related to the storage, maintenance, retention, and destruction of data
- ex: proper disposal of old equipment that once housed private data
Security architecture and engineering
optimizes data security by ensuring effective tools, systems, and processes are in place
- ex: configuring a firewall
Communication and Network Security
manage and secure physical networks and wireless comms
- ex: analyze user activity within org
Identity and access management
keeps data secure by ensuring users follow established policies to control and manage physical assets, like office spaces, and logical assets, such as networks and applications
- ex: setting up employee keycard access
Security assessment and testing
conducting security control testing, collecting and analyzing data, and conducting security audits to monitor for risks, threats, and vulnerabilities
- ex: conducting audit of user permissions to ensure correct level of access
Security operations
conducting investigations and implementing preventative measures
- ex: you receive an alert that an unknown device has connected to your internal network, and have to follow established procedure to stop the potential threat
Software Development Security
uses secure coding practices, which are a set of recommended guidelines to create secure apps and services
- ex: advise on password policies for a new app in development
Password attack
attempt to access password-secured devices, systems, networks, or data
- falls under communication and network security domain
Physical attack
incident that affects not only digital but also physical environments where the incident is deployed
- ex: malicious USB cable, malicious flash drive, card cloning and skimming
Adversarial artificial intelligence
technique that manipulates AI and machine learning tech to conduct attacks more efficiently
- falls under comm/network security and the identity and access management domains
supply-chain attack
targets systems, applications, hardware, and/or software to locate a vulnerability where malware can be deployed
- falls under: security and risk management, security architecture and engineering, and security ops domains
Cryptographic attack
affects secure forms of comm between sender and intended recipient
- forms: birthday, collision, downgrade
- falls under comm and network security domain
advanced persistent threats
threat actors with significant expertise in accessing an org's network without authorization
- tend to research targets in advance
- motives: damaging critical infrastructure, gaining access to IP
Insider Threats
abuse their authorized access to obtain data that may harm an org
- motives: sabotage, corruption, espionage, unauthorized data access or leaks
Hacktivists
driven by political agenda
- motives: demonstrations, propaganda, social change campaigns, fame
hacker
person who uses computers to gain access to computer systems, networks, or data
- types: ethical/authorized hackers, semi-authorized (research for vulnerabilities), unethical/unauthorized