Risk Management Flashcards
Threat Actors
Anyone or anything with the motive and resources to attack another’s IT infrastructure
Examples include: Hackers Hacktivists Script kiddies Insiders Competitors Shadow IT Criminal syndicates State actors (nation states) Advanced persistent threat (APT)
Vulnerability
Weakness in an asset.
Threat
Action that a threat actor can use against a vulnerability to cause harm.
Risk
LIkelihood of a threat actor taking advantage of a vulnerability by using a threat against an IT asset.
Asset
Any part of IT infrastructure that has value
Likelihood
Probability of assets being damaged over time.
CIA Triad
Confidentiality
Integrity
Availability
Exploit
Takes advantage of vulnerabilities
Attack Vectors
Pathways to gain access to restricted systems
What is TTP?
Adversary tactics, techniques, and procedures.
What doe AIS stand for?
Automated Indicator Sharing
What does AIS do?
Exchanges cybersecurity intelligence between entities
What is OSINT?
Stands for open-source intelligence. It refers to publicly available cybersecurity intelligence sources.
What does CVE stand for?
Common vulnerabilities and exposures
What is the dark web or dart net?
An encrypted and anonymized Internet access mechanism allowing access to unindexed content