Outsmarting threat actors Flashcards

SY0-701

1
Q

TTP (Tactics, techniques, and procedures)

A

methods and patterns of activities or behaviors associated with a particular threat actor or group of threat actors

2
Q

Deception and disruption tech

A

designed to mislead, confuse, and divert attackers from critical assets all while detecting and neutralizing threats

3
Q

Honeypot

A

decoy system or network designed to attract a potential hacker. Designed not to block the attacker but to gather data on the attacker's tactics. Designed to log all transactions and actions

4
Q

Where to install

A

In an enterprise network, place it within a screened subnet or isolated segment that is easily accessed by potential attackers

5
Q

Honeynet

A

network of honeypots that creates a more complex system designed to mimic an entire network. Also logs all activities, both successful and unsuccessful. Risk that it can be used to learn the network

6
Q

Honeyfile

A

decoy file placed within a system to lure in potential attackers. Contains sensitive data. Alert is given to the security team. Some files can provide hackers info on the network

7
Q

Types of honeyfiles

A

Word docs, spreadsheets, presentation files, images, database files, executables. Typically embedded, usually loosely placed

8
Q

Honeytoken

A

piece of data or resource that has no legitimate value or use but is monitored for access

9
Q

Types of strategies that work in conjunction

A

bogus DNS entries, decoy directories, generating dynamic pages, using port triggering

10
Q

Bogus DNS

A

fake DNS entries introduced into a system's DNS server

11
Q

Decoy directories

A

fake folders and files placed within a system's storage. System will raise an alert when accessed

12
Q

Dynamic page generation

A

used in websites to present ever-changing content to web crawlers to confuse and slow down the threat actor

13
Q

Port triggering

A

security mechanism where specific services or ports on a network device remain closed until a specific outbound traffic pattern is detected

14
Q

Fake telemetry data

A

system can respond to an attacker's network scan attempt by sending out fake telemetry or network data
