S3 - THREAT ACTORS Flashcards

1
Q

There are 10 types of actor motivations. Name at the most commons ones

A

Data Exfiltration (cxc), Financial Gain, Espionage, Revenge, Ethical (pentest) ||| War, Sevice Disruption, Blackmail, Political Beliefs, Chaos

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Name the three types of Threat Attributes

A

Internal vs External, Resource and Funding, Capability

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Caracterist of unskilled attacker

A

“Script Kiddie”, can’t develop his own hacking tools, lacks technical knowledge, seeks some king of recognition. Can still cause harm and losses

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Caracteristics of Hacktivist

A

Individual who enagages in hacktivism, movitated by social or political cause. Likley skilled

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Caracteristics of Organized Cyber Crime Grupos

A

High technical skills, driven by financial gain, well-structured

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Its common that a Nation-State actor use a false flag attack. What is it?

A

A false flag attack is an attack that can be falsely tracked back into another country or institution (ex: South Korea olimpics, was tracked with some North korean common technologies but was from Russians) THEY ARE SOPHISTICATED, zero day exploits

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Insider Threat caracteristics

A

Threats that originate from within the organization

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

What is Shadow IT?

A

Is the use of any Technology System (hardware or software) without your organization approval

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Define Threat Vector and name three of them

A

Threat vector is the mean that the attacker will use to attack. Like a message, image, file, voice call, Removable devices, unsecured networks.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Name the 4 baits or honeys (explain them)

A

Honeypot (bait system), Honeynet (bait net, with router, system and switches), Honeyfiles (bait files, watermarked), Honeytokens (fake users or tokens)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly