threat agents

Question 1

Internal Threat

Answer 1

disgruntled employees both current and former of all types and customers who seek to retain organization information threw means of exploiting their inherent privileges for either revenge or monetary gain

Question 2

external threat

Answer 2

individual or groups that attack from outside and seek to gain unauthorized access to data .

Question 3

persistent threat

Answer 3

try to gain access while at the same time staying unnoticed

they also go to great lengths to make sure they are not found in the network

Question 4

Non persistent threat

Answer 4

only concerned with gaining access to the system and stealing information
attack is usually one time event and attacker does not care if noticed

Question 5

open source inteligence (OSINIT)

Answer 5

threat actor seeks open-source information to gain information about an organization. this information is open source and does not require hacking into the organization system

Question 6

open source intelligence include the following?

Answer 6

media
internet
public government

Question 7

list of insider

Answer 7

employee 
janitor 
security guards
former employees 
customers

Question 8

reasons an insider would betray an organization

Answer 8

disgruntled with employer

bribed by competitor company

seeking personal financial gain

Question 9

insider

Answer 9

a person who can do serious damage to an organization. insiders are one of the most over looked people in an organization

Question 10

how to protect against insider?

Answer 10

require mandatory vacations

create and follow onboard and
off-board procedures

employ the principal of least privilege

have appropriate physical security control in places

require security training tailored to the role of the employee

Question 11

unintentional insider threat actor

Answer 11

a employee who accidentally destroys data

Question 12

script kiddie

Answer 12

individual that uses programs made by more advanced hackers to carry out an attack.

typically lack the knowledge to create there own program

motivated by impressing friends and getting attention in hacking community

because of lack of knowledge they usually exploit well known vulnerabilities in systems

Question 13

how to protect against script kiddie?

Answer 13

keep systems up to date and use standard security practices

Question 14

hacktivists

Answer 14

politicaly motivated attacks

dont seek financial gain but to expose, defame and shed light on organizations and governments

usually work alone

Question 15

organized crime

Answer 15

group of cyber criminals–> main aim financial gain

attacks carried out by organized crime groups last months, are very well funded and extremely sophisticated

once access gained group steals data, threaten to release data or use ransomware to hold data hostage

extremely hard to protect against due to sophistication and large amount of funding

Question 16

how to protect against organized crime

Answer 16

proper user security training

implementing email filtering systems

proper securing and storing of data

Question 17

nation state

Answer 17

most organized, well funded and most dangerous type of threat actor

two primary motives:
obtaining information like
sensitive information such as government information

usually target government contracts or governments them selves
these attacks are considered atp because they rely on being undetected

Question 18

competitor

Answer 18

competitor threat actor is paid to carry out attacks on behalf of an organization and target competing companies