Threat Hunting Flashcards

1
Q

Threat Hunting

A

A cybersecurity technique designed to detect the presence of threats that have not been discovered by normal security monitoring.
Potentially less disruptive than penetration testing.

2
Q

Establishing a Hypothesis

A

A hypothesis is derived from threat modeling and is based on potential events with higher likelihood and higher impact.

3
Q

Profiling Threat Actors and Activities

A

Involves creating scenarios that show how a prospective attacker might attempt an intrusion and what their objectives might be.

4
Q

Threat Hunting

A

Relies on the use of tools developed for regular security monitoring and incident response:
Analyze network traffic
Analyze the executable process list
Analyze other infected hosts
Identify how the malicious process was executed

5
Q

Threat Hunting

A
Consumes a lot of resources and time to conduct, but can yield a lot of benefits:
Improve detection capabilities
Integrate intelligence
Reduce attack surface
Block attack vectors
Identify critical assets