Threat Actors Vectors and Intelligence Sources.

Question 1

Actors and Threats:
Advanced Persistent Treat (API):

Answer 1

Actor: Typically state-sponsored groups or highly organized cybercriminals.
Threat: Long-term, targeted attacks with advanced techniques aimed at stealing sensitive data or disrupting critical systems.

Question 2

Actors and Threats:
Insider Threats:

Answer 2

Actor: Individuals within an organization.
Threat: Employees, contractors, or business partners with access to internal systems may intentionally or unintentionally harm the organization.

Question 3

Actors and Threats:
State Actors:

Answer 3

Actor: Government-sponsored entities.
Threat: Engage in cyber espionage, cyber warfare, or political influence campaigns on behalf of a nation-state.

Question 4

Actors and Threats
Hacktivists:

Answer 4

Actor: Social or political activists.
Threat: Conduct cyberattacks to promote a specific cause or raise awareness, often defacing websites or disrupting services.

Question 5

Actors and Threats
Script Kiddies:

Answer 5

Actor: Inexperienced individuals.
Threat: Use readily available hacking tools and scripts to launch unsophisticated attacks for fun or personal gain.

Question 6

Actors and Threats
Criminal Syndicates:

Answer 6

Actor: Organized criminal groups.
Threat: Engage in cybercrime activities such as ransomware attacks, financial fraud, and identity theft.

Question 7

Actors and Threats
Hackers (Authorized, Unauthorized, Semi-Authorized):

Answer 7

Authorized Hackers: Security professionals hired to test and improve an organization’s security.
Unauthorized Hackers: Individuals or groups conducting illegal activities.
Semi-Authorized Hackers: Employees who may exploit their access for personal gain or curiosity.

Question 8

Actors and Threats
Shadow IT:

Answer 8

Actor: Employees or departments within an organization.
Threat: The use of unauthorized software or services that can introduce security vulnerabilities.

Question 9

Actors and Threats
Competitors:

Answer 9

Actor: Rival organizations.
Threat: Engage in corporate espionage or cyberattacks to gain a competitive advantage.

Question 10

Attributes of Actors
Internal/External:

Answer 10

Whether the threat actor is affiliated with the organization (internal) or an external entity (external).

Question 11

Attributes of Actors
Level of Sophistication/Capability:

Answer 11

The actor’s skill level and the complexity of their attacks.

Question 12

Attributes of Actors
Resources/Funding:

Answer 12

The financial and technological resources available to the actor.

Question 13

Attributes of Actors
Intent/Motivation:

Answer 13

The actor’s goals and motivations, which can range from financial gain to political objectives.

Question 14

Vectors
Direct Access:

Answer 14

Physical or remote access to a system or network.

Question 15

Vectors
Wireless:

Answer 15

Exploiting vulnerabilities in wireless networks or devices.

Question 16

Vectors
Email:

Answer 16

Phishing, spear-phishing, or email-based attacks.

Question 17

Vectors
Supply Chain:

Answer 17

Targeting vulnerabilities in the supply chain to compromise products or services.

Question 18

Vectors
Social Media:

Answer 18

Leveraging social engineering or malware through social media platforms.

Question 19

Vectors
Removable Media:

Answer 19

Attacks through USB drives or external storage devices.

Question 20

Vectors
Cloud:

Answer 20

Exploiting cloud service misconfigurations or vulnerabilities.

Question 21

Threat Intelligence Sources
Open-Source Intelligence (OSINT):

Answer 21

Publicly available information from sources like news, forums, and social media.

Question 22

Threat Intelligence Sources
Closed/Proprietary:

Answer 22

Non-public information shared within organizations or industry groups.

Question 23

Threat Intelligence Sources
Vulnerability Databases:

Answer 23

Repositories of known software vulnerabilities.

Question 24

Threat Intelligence Sources
Public/Private Information Sharing Centers:

Answer 24

Organizations and government agencies that share threat information.

Question 25

Threat Intelligence Sources
Dark Web:

Answer 25

Monitoring illicit online communities and forums.

Question 26

Threat Intelligence Sources
Indicators of Compromise (IoC):

Answer 26

Data points that indicate a security incident.

Question 27

Threat Intelligence Sources
Automated Indicator Sharing (AIS):

Answer 27

Systems for sharing IoCs among organizations.

Question 28

Threat Intelligence Sources
Structured Threat Information eXpression (STIX)/Trusted Automated eXchange of Intelligence Information (TAXII):

Answer 28

Standards for sharing threat intelligence.

Question 29

Threat Intelligence Sources
Predictive Analysis:

Answer 29

Using data analytics to predict future threats.

Question 30

Threat Intelligence Sources
Threat Maps:

Answer 30

Visual representations of real-time threat activity.

Question 31

Threat Intelligence Sources
File/Code Repositories:

Answer 31

Analyzing malware samples and code repositories.

Question 32

Research Sources
Vendor Websites:

Answer 32

Security updates and patches from software and hardware vendors.

Question 33

Research Sources
Vulnerability Feeds:

Answer 33

Real-time feeds of newly discovered vulnerabilities.

Question 34

Research Sources
Conferences:

Answer 34

Security conferences where experts share research and insights.

Question 35

Research Sources
Academic Journals:

Answer 35

Scholarly research on cybersecurity.

Question 36

Research Sources
Request for Comments (RFC):

Answer 36

Technical standards and protocols.

Question 37

Research Sources
Local Industry Groups:

Answer 37

Regional organizations focused on cybersecurity.

Question 38

Research Sources
Social Media:

Answer 38

Monitoring discussions and trends in the security community.

Question 39

Research Sources:
Threat Feeds:

Answer 39

Real-time threat data from various sources.

Question 40

Research Sources
Adversary Tactics, Techniques, and Procedures (TTP):

Answer 40

Analyzing known methods used by threat actors to infiltrate systems.