Threat Actors Flashcards

1
Q

What is Espionage?

A
  • Spying on individuals, organizations, or nations to gather sensitive or classified information.
2
Q

What is the popular term used to classify the lowest skilled threat actors?

A

Script kiddies

3
Q

What method are script kiddies likely to adopt?

A

Pre-made software or scripts to exploit computer systems and networks.

4
Q

What are hacktivists?

A

Individuals or groups that use their technical skills to promote a cause or drive social change instead of for personal gain.

5
Q

What is hacktivism?

A

Activities in which hacking and other cyber techniques are used to promote or advance a political or social cause.

6
Q

What is Website Defacement?

A

A form of electronic graffiti that is usually treated as an act of vandalism.

7
Q

What is Doxing?

A

Involves the public release of private information about an individual or organisation.

8
Q

What are organised cybercrime groups?

A

Sophisticated and well structured entities that leverage resources and technical skills for illicit gain.

9
Q

What is a Nation-state Actor?

A
  • Groups or individuals that are sponsored by a government to conduct cyber operations against other nations, organizations, or individuals.
10
Q

What is a False Flag Attack?

A
  • Attack that is orchestrated in such a way that it appears to originate from a different source or group than the actual perpetrators, with the intent to mislead investigators and attribute the attack to someone else.
11
Q

What are Distributed Denial of Service (DDoS) attacks?

A

Attempting to overwhelm the victim’s systems or networks so that they cannot be accessed by the organization’s legitimate users

12
Q

Name 3 techniques used by nation-state actors.

A

■ Creating custom malware
■ Using zero-day exploits
■ Becoming an advanced persistent threat

13
Q

What does APT stand for?

A

Advanced Persistent Threat (APT)

14
Q

What does the term APT describe?

A

A prolonged and targeted cyberattack in which an intruder gains unauthorised access to a network and remains undetected for an extended period while trying to steal data or monitor network activities rather than cause immediate damage

15
Q

To mitigate the risk of an insider threat being successful, organizations should implement the following (4):

A

● Zero-trust architecture
● Employ robust access controls
● Conduct regular audits
● Provide effective employee security awareness programs

16
Q

What is shadow IT?

A

Use of information technology systems, devices, software, applications, and services without explicit organizational approval outside of, and without the knowledge of, the IT department.

17
Q

Why does Shadow IT exist?

A

An organization’s security posture is actually set too high or is too complex for business operations to occur without being negatively affected.

18
Q

What is a Threat Vector?

A

Means or pathway by which an attacker can gain unauthorised access to a computer or network to deliver a malicious payload or carry out an unwanted action.

19
Q

What does the term Attack Surface describe?

A

Encompasses all the various points where an unauthorized user can try to enter data to or extract data from an environment.

20
Q

What are three ways an attack surface can be minimised?

A

● Restricting Access
● Removing unnecessary software
● Disabling unused protocols

21
Q

What is a message-based threat vector?

A

Message-based threat vectors include threats delivered via email, simple message service (SMS text messaging), or other forms of instant messaging

22
Q

What are Image-based threat vectors?

A

Image-based threat vectors involve the embedding of malicious code inside of an image file by the threat actor.

23
Q

What is vishing?

A

Use of voice calls to trick victims into revealing their sensitive information to an attacker

24
Q

What is baiting?

A

Attacker might leave a malware-infected USB drive in a location where their target might find it, such as in the parking lot or the lobby of the targeted organization

25
Q

What is the BlueBorne technique?

A

Set of vulnerabilities in Bluetooth technology that can allow an attacker to take over devices, spread malware, or even establish an on-path attack to intercept communications without any user interaction

26
Q

What is the BlueSmack technique?

A

Type of Denial of Service attack that targets Bluetooth-enabled devices by sending a specially crafted Logical Link Control and Adaptation Protocol packet to a target device

27
Q

List 6 threat vectors that can be used to attack your enterprise networks

A
  • Messages
  • Images
  • Files
  • Voice Calls
  • Removable Media
  • Unsecure Networks
28
Q

What does TTPs stand for?

A

Tactics, Techniques, and Procedures (TTPs)

29
Q

What is meant by Tactics, Techniques, and Procedures (TTPs) ?

A

Specific methods and patterns of activities or behaviors associated with a particular threat actor or group of threat actors.

30
Q

What are Honeypots?

A

Decoy system or network set up to attract potential hackers.

31
Q

What are Honeynets?

A

Network of honeypots to create a more complex system that is designed to mimic an entire network of systems.

32
Q

What are Honeyfiles?

A

Decoy file placed within a system to lure in potential attackers.

33
Q

What are Honeytokens?

A

Piece of data or a resource that has no legitimate value or use but is monitored for access or use.

34
Q

What is port triggering?

A

Security mechanism where specific services or ports on a network device remain closed until a specific outbound traffic pattern is detected