Threat Actors

Question 2

What is a common motivation for threat actors related to stealing information?

Answer 2

Data Exfiltration

Data exfiltration refers to the unauthorized transfer of data from a computer or network.

Question 3

Which motivation for threat actors involves coercing individuals or organizations for money?

Answer 3

Blackmail

Blackmail typically involves threatening to reveal information unless a demand is met.

Question 4

What type of threat actor is motivated by political, social, or environmental ideologies?

Answer 4

Hacktivists

Hacktivists use cyberattacks to promote a political agenda or social change.

Question 5

What are the two categories of threat actors based on their origin?

Answer 5

Internal vs. External Threat Actors

Internal threat actors originate from within an organization, while external threat actors come from outside.

Question 6

Name a type of threat actor that executes cyberattacks for financial gain.

Answer 6

Organized Crime

Organized crime groups may engage in activities like ransomware and identity theft.

Question 7

What is the term for IT systems and services managed without organizational approval?

Answer 7

Shadow IT

Shadow IT poses security risks as it may not comply with organizational policies.

Question 8

What type of attacker is typically highly skilled and sponsored by a government?

Answer 8

Nation-state Actor

Nation-state actors engage in cyber espionage or warfare.

Question 9

Fill in the blank: _______ are decoy systems used to attract and deceive attackers.

Answer 9

Honeypots

Honeypots are designed to lure attackers away from legitimate targets.

Question 10

What is the purpose of honeytokens?

Answer 10

To alert administrators when accessed or used

Honeytokens are fake data that trigger alerts when interacted with.

Question 11

Which threat vector involves the use of physical devices that can be easily removed?

Answer 11

Removable Devices

Examples include USB drives and external hard drives.

Question 12

True or False: Insider threats originate from external sources.

Answer 12

False

Insider threats come from individuals within the organization.

Question 13

What type of technology consists of a network of decoy systems for observing complex attacks?

Answer 13

Honeynets

Honeynets are used for research and improving security measures.

Question 14

What distinguishes unskilled attackers from other types of threat actors?

Answer 14

Limited technical expertise

Unskilled attackers rely on readily available tools rather than advanced skills.

Question 15

Name a motivation for threat actors that involves causing chaos or disruption.

Answer 15

Disruption/Chaos

Some attackers aim to create disorder rather than achieve specific gains.

Question 16

What are the three types of deception technologies mentioned?

Answer 16

• Honeypots
• Honeynets
• Honeyfiles

Each serves a different purpose in deceiving attackers and gathering intelligence.

Question 17

Fill in the blank: _______ refers to security threats originating from within the organization.

Answer 17

Insider Threats

Insider threats can be intentional or unintentional actions that compromise security.