Threat Actor

Question 1

Threat actor

Answer 1

An individual or entity responsible for incidents that impact security and data protection

Question 2

Threat actor attributes

Answer 2

Specific characteristics or properties that define and differentiate various threat actors from one another

Question 3

Unskilled Attackers

Answer 3

Individuals with limited technical expertise who use readily available tools like downloaded scripts or exploits to carry out attacks

Question 4

Hactivists

Answer 4

Cyber attackers who carry out their activities driven by political, social, or environmental ideologies who often want to draw attention to a specific cause

Question 5

Organized crime

Answer 5

Well structured groups that execute cyberattacks from financial gain, usually through methods like ransomware, id theft, or credit card fraud

Question 5

Nation state actors

Answer 5

Highly skilled attackers that are sponsored by governments to carry out cyber espionage, sabotage, or cyber warfare against other nation states or specific targets in a variety of industries

Question 6

Insider threates

Answer 6

Threats that occur from within the org

Question 7

Shadow IT

Answer 7

IT systems, devices, software, applications, and services that are managed an utilized without explicit org approval

Question 8

Honeypots

Answer 8

Decoy systems or servers designed to attract and deceive potential attackers, simulating real world IT assets to study their techniques

Question 9

Honeynet

Answer 9

Creates an entire network of decoy systems to observe complex, multi stage attacks

Question 10

Honey files

Answer 10

Decoy files placed within systems to detect unauthorized access or data breaches

Question 11

Honey tokens

Answer 11

Fake pieces of data, like fabricated use credential, inserted into databases or systems to alert admins when they are accessed or used