Brainscape's Knowledge GenomeTM


Top Flashcards (Certified)
All Flashcards

Sec+ > Threat Actors > Flashcards

Threat Actors Flashcards

1
Q

Threat Actor Motivations

What is the difference between threat actors’ intent and motivation?

A

Intent is the specific objective or goal that a threat actor aims to achieve, while motivation refers to the underlying reasons or driving forces behind the attack.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

Threat Actor Motivations

What does the term ‘Data Exfiltration’ refer to?

A

Unauthorized transfer of data from a computer.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

Threat Actor Motivations

How can threat actors achieve Financial Gain?

A

Through various means such as ransomware attacks or banking trojans that steal financial information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

Threat Actor Motivations

What is Blackmail in the context of cyber threats?

Threat Actor Motivations

A

Obtaining sensitive information and threatening to release it unless demands are met.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

Threat Actor Motivations

What is the goal of Service Disruption by threat actors?

A

To disrupt the services of organizations, cause chaos, make political statements, or demand ransom.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

Threat Actor Motivations

What is hacktivism?

A

Attacks conducted due to the philosophical or political beliefs of the attackers.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

Threat Actor Motivations

What motivates ethical hackers?

A

A desire to improve security.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

Threat Actor Motivations

What can be a motivation for a threat actor seeking Revenge?

A

Targeting an entity believed to have wronged them.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Threat Actor Motivations

What does the term ‘Disruption or Chaos’ imply in cyber threats?

A

Creating and spreading malware or launching cyberattacks against critical infrastructure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

Threat Actor Motivations

What is Espionage in the context of cyber threats?

A

Spying on individuals, organizations, or nations to gather sensitive or classified information.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Threat Actor Motivations

What is the impact of Cyber Warfare?

A

Disruption of a country’s infrastructure, compromise of national security, and economic damage.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Threat Actor Attributes

What are Internal Threat Actors?

A

Individuals or entities within an organization who pose a threat to its security

Internal threat actors can include employees, contractors, or anyone with access to organizational resources.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

Threat Actor Attributes

What are External Threat Actors?

A

Individuals or groups outside an organization who attempt to breach its cybersecurity defenses

External threat actors often include hackers, cybercriminals, and competitors.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Threat Actor Attributes

What factors influence the capabilities of a threat actor?

A

Resources and funding available to the specific threat actor
* Tools, skills, and personnel at the disposal of a given threat actor
* Level of sophistication and capability of the specific threat actor

Resources can dictate the extent of attacks, while sophistication refers to their ability to bypass security measures.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

Threat Actor Attributes

What does the level of sophistication refer to in cybersecurity?

A

Refers to their technical skill, the complexity of the tools and techniques they use, and their ability to evade detection and countermeasures

Sophisticated actors often employ advanced methods to achieve their objectives.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Threat Actor Attributes

What are script kiddies?

A

Individuals with limited technical knowledge who use pre-made software or scripts to exploit computer systems and networks

Script kiddies typically do not create their own tools.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
17
Q

Threat Actor Attributes

Who are considered high-level threat actors?

A

Nation-state actors, Advanced Persistent Threats (APTs), and others with high levels of sophistication and capabilities

These actors possess advanced technical skills and often target critical infrastructure.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
18
Q

Threat Actor Attributes

Fill in the blank: The lowest skilled threat actors are classified as _______.

A

script kiddies

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
19
Q

What are hacktivists?

A

Individuals or groups that use their technical skills to promote a cause or drive social change instead of for personal gain

Hacktivists operate based on ideological beliefs.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
20
Q

Define hacktivism.

A

Activities in which the use of hacking and other cyber techniques is used to promote or advance a political or social cause

Hacktivism combines hacking with activism.

21
Q

What motivates hacktivists?

A

Primarily motivated by their ideological beliefs rather than trying to achieve financial gains

This distinguishes them from traditional hackers.

22
Q

What are organized cybercrime groups?

A

Groups or syndicates that conduct criminal activities in the digital world

They are sophisticated and well-structured, using resources and technical skills for illicit gain.

23
Q

What is a key characteristic of the technical capabilities of organized crime groups?

A

They possess a very high level of technical capability and employ advanced hacking techniques and tools

Examples include custom malware, ransomware, and sophisticated phishing campaigns.

24
Q

List some illicit activities organized cybercrime groups engage in to generate revenue.

A
  • Data Breaches
  • Identity Theft
  • Online Fraud
  • Ransomware Attacks

These activities are aimed at financial gain for their members.

25
True or False: Organized cybercrime groups are driven by ideological or political objectives.
False ## Footnote Unlike hacktivists or nation-state actors, their main objective is money.
26
What may organized cybercrime groups be hired to do?
Conduct cyber operations and attacks on behalf of other entities, including governments ## Footnote This can involve attacks that take place in the political sphere, but the motivation remains financial.
27
What is a Nation-state Actor?
Groups or individuals that are sponsored by a government to conduct cyber operations against other nations, organizations, or individuals ## Footnote Nation-state actors may engage in various forms of cyber warfare, espionage, or sabotage.
28
What is a False Flag Attack?
An attack orchestrated to appear as if it originates from a different source or group than the actual perpetrators to mislead investigators ## Footnote False flag attacks can be used to create confusion and misattribution in cyber conflicts.
29
What capabilities do Nation-state actors possess?
Advanced technical skills and extensive resources, capable of conducting complex, coordinated cyber operations ## Footnote Techniques include creating custom malware, using zero-day exploits, and becoming advanced persistent threats.
30
Define Advanced Persistent Threat (APT).
A prolonged and targeted cyberattack where an intruder gains unauthorized access to a network and remains undetected to steal data or monitor activities ## Footnote APTs are often sponsored by nation-states or their proxies, such as organized cybercrime groups.
31
What is the primary motivation of Nation-state actors?
To achieve their long-term strategic goals rather than seeking financial gain ## Footnote This differentiates them from other cybercriminals who may be motivated by profit.
32
True or False: Advanced Persistent Threats are always financially motivated.
False
33
List techniques employed by Nation-state actors.
* Creating custom malware * Using zero-day exploits * Becoming advanced persistent threats
34
What are insider threats?
Cybersecurity threats that originate from within the organization.
35
What factors can vary among insider threats?
Levels of capabilities.
36
What are the different forms of insider threats?
* Data Theft * Sabotage * Misuse of access privileges
37
What is a common motivation for insiders who aim to harm the organization?
Revenge.
38
What is Shadow IT?
Use of information technology systems, devices, software, applications, and services without explicit organizational approval ## Footnote Shadow IT can pose security risks and compliance issues for organizations.
39
What characterizes IT-related projects in Shadow IT?
IT-related projects that are managed outside of, and without the knowledge of, the IT department ## Footnote This often leads to a lack of oversight and potential security vulnerabilities.
40
What is a Threat Vector?
Means or pathway by which an attacker can gain unauthorized access to a computer or network to deliver a malicious payload or carry out an unwanted action ## Footnote Threat vectors can include various methods such as phishing, malware, and exploiting vulnerabilities.
41
What does Attack Surface refer to?
Encompasses all the various points where an unauthorized user can try to enter data to or extract data from an environment ## Footnote A larger attack surface increases the risk of unauthorized access.
42
How can the Attack Surface be minimized?
By: * Restricting Access * Removing unnecessary software * Disabling unused protocols ## Footnote These measures help to reduce potential entry points for attackers.
43
What are the different threat vectors that could be used to attack enterprise networks?
Messages, Images, Files, Voice Calls, Removable Devices, Unsecure Networks ## Footnote These vectors represent various methods through which cyber attacks can be executed.
44
What is a honeypot?
Decoy system or network set up to attract potential hackers ## Footnote Used to gather information on attack methods and techniques.
45
What are honeynets?
Network of honeypots designed to mimic an entire network of systems ## Footnote Includes components like servers, routers, and switches.
46
What are the components of a honeynet?
* Servers * Routers * Switches ## Footnote These components create a complex environment for monitoring and studying attacks.
47
What is a honeyfile?
Decoy file placed within a system to lure in potential attackers ## Footnote Used to detect unauthorized access and gather data on attack methods.
48
What are honeytokens?
Piece of data or a resource that has no legitimate value or use but is monitored for access or use ## Footnote Helps in identifying unauthorized access and tracking attacker behavior.
49
What are some disruption technologies and strategies used to secure the enterprise network
* Bogus DNS entries * Creating decoy directories * Dynamic page generation * Use of port triggering to hide services * Spoofing fake telemetry data

Sec+ (11 decks)

Brainscape helps you reach your goals faster, through stronger study habits.
© 2025 Bold Learning Solutions. Terms and Conditions