Threat Actors

Question 1

What is Espionage?

Answer 1

• Spying on individuals, organizations, or nations to gather sensitive or classified information.

Question 2

What is the popular term used to classify the lowest skilled threat actors?

Answer 2

Script kiddies

Question 3

What method are script kiddies likely to adopt?

Answer 3

Pre-made software or scripts to exploit computer systems and networks.

Question 4

What are hactivists?

Answer 4

Individuals or groups that use their technical skills to promote a cause or drive social change instead of for personal gain.

Question 5

What is hacktivism?

Answer 5

Activities in which the use of hacking and other cyber techniques is used to promote or advance a political or social cause.

Question 6

What is Website Defacement?

Answer 6

Form of electronic graffiti and is usually treated as an act of vandalism.

Question 7

What is Doxing?

Answer 7

Involves the public release of private information about an individual or organisation.

Question 8

What are organised cybercrime groups?

Answer 8

Sophisticated and well structured entities that leverage resources and technical skills for illicit gain.

Question 9

What is a Nation-state Actor?

Answer 9

• Groups or individuals that are sponsored by a government to conduct cyber operations against other nations, organizations, or individuals.

Question 10

What is a False Flag Attack?

Answer 10

• Attack that is orchestrated in such a way that it appears to originate from a different source or group than the actual perpetrators, with the intent to mislead investigators and attribute the attack to someone else.

Question 11

What is Distributed Denial of Service (DDoS) Attacks?

Answer 11

Attempting to overwhelm the victim’s systems or networks so that they cannot be accessed by the organization’s legitimate users

Question 12

Name 3 techniques used by nation-state actors?

Answer 12

■ Creating custom malware
■ Using zero-day exploits
■ Becoming an advanced persistent threats

Question 13

What does ATP stand for?

Answer 13

Advanced Persistent Threat (APT)

Question 14

What does the term ATP describe?

Answer 14

A prolonged and targeted cyberattack in which an intruder gains unauthorised access to a network and remains undetected for an extended period while trying to steal data or monitor network activities rather than cause immediate damage

Question 15

To mitigate the risk of an insider threat being successful, organizations should implement the following
(4)

Answer 15

● Zero-trust architecture
● Employ robust access controls
● Conduct regular audits
● Provide effective employee security awareness programs

Question 16

What is shadow IT?

Answer 16

Use of information technology systems, devices, software, applications, and services without explicit organizational approval outside of, and without the knowledge of, the IT department.

Question 17

Why does Shadow IT exist?

Answer 17

An organization’s security posture is actually set too high or is too complex for business operations to occur without be negatively affected.

Question 18

What is a Threat Vector?

Answer 18

Means or pathway by which an attacker can gain unauthorised access to a computer or network to deliver a malicious payload or carry out an unwanted action.

Question 19

What does the term Attack Surface describe?

Answer 19

Encompasses all the various points where an unauthorized user can try to enter data to or extract data from an environment.

Question 20

What are three ways an attack surface can be minimised?

Answer 20

● Restricting Access
● Removing unnecessary software
● Disabling unused protocols

Question 21

What is a message-based threat vector?

Answer 21

Message-based threat vectors include threats delivered via email, simple message service (SMS text messaging), or other forms of instant messaging

Question 22

What are Image-based threat vectors?

Answer 22

Image-based threat vectors involve the embedding of malicious code inside of an image file by the threat actor.

Question 23

What is vhishing?

Answer 23

Use of voice calls to trick victims into revealing their sensitive information to an attacker

Question 24

What is baiting?

Answer 24

Attacker might leave a malware-infected USB drive in a
location where their target might find it, such as in the parking lot or the lobby of the targeted organization

Question 25

What is the BlueBorne technique?

Answer 25

Set of vulnerabilities in Bluetooth technology that can allow an attacker to take over devices, spread malware, or even establish an on-path attack to intercept communications without any user interaction

Question 26

What is the BlueSmack technique?

Answer 26

Type of Denial of Service attack that targets Bluetooth-enabled devices by sending a specially crafted Logical Link Control and Adaptation Protocol packet to a target device

Question 27

List 6 threat vectors that can be used to attack your enterprise networks

Answer 27

• Messages
• Images
• Files
• Voice Calls
• Removable Media
• Unsecure Networks

Question 28

What does TTPs stand for?

Answer 28

Tactics, Techniques, and Procedures (TTPs)

Question 29

What is meant by Tactics, Techniques, and Procedures (TTPs) ?

Answer 29

Specific methods and patterns of activities or behaviors associated with a particular threat actor or group of threat actors.

Question 30

What are Honeypots?

Answer 30

Decoy system or network set up to attract potential hackers.

Question 31

What are Honeynets?

Answer 31

Network of honeypots to create a more complex system that is designed to mimic an entire network of systems.

Question 32

What are Honeyfiles?

Answer 32

Decoy file placed within a system to lure in potential attackers.

Question 33

What are Honeytokens?

Answer 33

Piece of data or a resource that has no legitimate value or use but is monitored for access or use.x

Question 34

What is port triggering

Answer 34

Security mechanism where specific services or ports on a network device remain closed until a specific outbound traffic pattern is detected