Threat Hunting

Question 1

Threat Modeling

Answer 1

the process of identifying and assessing the possible threat actors and attack vectors that pose a risk to the security of an app, network, or other system

Question 2

Attack Surface vs Vector

Answer 2

Point a network receives internal/external connection (network, apps, clous services, website) vs a specific path a threat actor gains access to a system (cyber, human, physical)

Question 3

Threat Hunting

Answer 3

Cybersecurity technique designed to detect presence of threats that
have not been discovered by normal security monitoring.

Question 4

Email Harvesting

Answer 4

OSINT technique to gather email from a domain

Question 5

Harvesting Techniques

Answer 5

whois - public list of all registered domains and admins
DNS Zone transfer - replicate DNS database across DNS servers
DNS Harvesting - OSINT gather info about domain

Question 6

AbuseIPDB

Answer 6

A community-driven database that keeps track of IP addresses reported for abusive behavior

Question 7

Deep web vs dark web

Answer 7

Sensitive info not searchable to public intel vs Illegal activities

Question 8

Bug Bounty

Answer 8

a way for companies to crowdsource security testing of their software services and applications to identify and address potential security issues