Threat Actors and Vectors

Question 1

The entity responsible for an event that has an impact on the safety of another entity. Also called a malicious actor.

Answer 1

Threat Actor

Question 2

Attackers are in the network an undetected. It usually takes 71 days for a company to realized they are there in the U.S.

Answer 2

Advanced Persistent Threat (APT)

Question 3

Type of Threat Actor. Contractors or employees who work already inside the organization. Their attacks might not be as sophisticated. But they know things that a hacker doesn’t.

Answer 3

Insider Threat Actors

Question 4

It’s usually a government. They have the highest sophistication.

Answer 4

Nation State Threat Actors

Question 5

A hacker and an activist.

Answer 5

Hacktivist

Question 6

Focused on running premade simple scripts to gain access in a network. They don’t have the knowledge or experience to gain that access.

Answer 6

Script Kiddie

Question 7

Set of professional criminals always motivated by financial gain.

Answer 7

Organized Crime

Question 8

Refers to an expert with technology. Could be working for good or for malicious reasons.

Answer 8

Hacker

Question 9

You perform your own IT functions without interacting with your IT department. This can lead to security risks, compliance issues, and wast of time and money.

Answer 9

Shadow IT

Question 10

Business competition that would love to see you out of the market so they perform DoS, espionage, or anything related to affect your business.

Answer 10

Competitors Threat Actors

Question 11

The method in which an attacker uses to gain access or infect the target.

Answer 11

Attack Vector

Question 12

When an attacker has direct access to the hardware of a data center. Hence why companies lock down their data centers. I.e includes keyloggers.

Answer 12

Direct Access Attack Vector

Question 13

Make sure the access point is secure. Not use default credentials for an attacker to access. Make sure is not designed to allow rogue access points.

Answer 13

Wireless Attack Vectors

Question 14

The method that uses phishing, social engineering techniques, and ways to deliver malware by attaching to a message.

Answer 14

Email Attack Vectors

Question 15

Attackers can gather a lot of information such as location, family relationships, email, through this method. Very common method use for profiling.

Answer 15

Social Media attack vectors

Question 16

New wave of attack vectors through this newer technology. These applications are often publicly facing, and their configuration as well. They can have security misconfigurations, brute force attacks, or using DoS to increase load.

Answer 16

Cloud Based Attack Vectors

Question 17

Researching threats that can be dangerous to your organization. Example: OSINT, OWAST top 10.

Answer 17

Threat Intelligence

Question 18

Common source of threat intelligence. These compile information from researches that found a vulnerability and then report their research and publish it to share with others.

Answer 18

Vulnerability Databases

Question 19

Popular vulnerability database sponsored by the U.S. department of Homeland Security.

Answer 19

Common Vulnerabilities and Exposures database -CVE

Question 20

Where members upload information they have about a particular threat and is available to other members of the CTA and validate to the information. Way to react faster with higher quality of information.

Answer 20

Cyber Threat Intelligence - CTA

Question 21

Service the Cybersecurity and Infrastructure Security Agency (CISA) provides to enable real-time exchange of machine-readable cyber threat indicators and defensive measures between public and private-sector organizations.

Answer 21

Automated Indicator Sharing AIS

Question 22

A structured language for describing cyber threat information so it can be shared, stored, and analyzed in a consistent manner.

Answer 22

Structured Threat Information Expression (STIX™)

Question 23

the format through which threat intelligence data is transmitted.

Answer 23

Trusted Automated eXchange of Intelligence Information (TAXII)

Question 24

Clues and evidence of a data breach/intrusion.

Answer 24

Indicator of Compromise - IOC

Question 25

Analyzing large data quickly, identifying behaviors, DNS queries

Answer 25

Predictive Analysis

Question 26

Give a visual perspective of where attacks are originating and where are they going to.

Answer 26

Threat Maps

Question 27

group of individuals or organizations that collaborate to engage in illegal activities for profit or other illicit purposes.

Answer 27

Criminal Syndicate