Threat Models Pt. 1 (Diamond Model) Flashcards
What are the four vertices of the diamond model?
- Adversary
- Victim
- Capability
- Infrastructure
An ________ is the actor/organization responsible for utilizing a capability against the victim to achieve their intent.
Adversary
This is the actual “hacker” or person(s) conducting the intrusion activity.
Adversary Operator
This entity stands to benefit from the activity conducted in the intrusion.
Adversary Customer
A ______ is the target of the adversary and against whom vulnerabilities and exposures are exploited.
Victim
_________ _______ are the people and organizations being targeted and whose assets are being exploited and attacked.
Victim Personae
_____ ____ are the attack surface and consist of the set of networks, systems, hosts, email addresses, IPs, social networking accounts, etc. which the adversary directs their capabilities.
Victim Assets
Describes the tools/techniques used by the adversary, it can be as simple as a “manual password guessing” or as sophisticated “SHA256 hash of executable”.
Capability
All the vulnerabilities and exposures utilized by the individual capability regardless of victim are considered its capacity.
Capability Capacity
An adversary’s complete set of capabilities.
Adversary Arsenal
The ______ feature describes the physical and/or logical communication structures the adversary uses to deliver a capability maintain control of capabilities, and effect results from the victim.
Infrastructure
Infrastructure which is fully controlled or owned by the adversary or which they may be in physical proximity.
Type 1 Infrastructure
Infrastructure which is controlled by an intermediary.
Type 2 Infrastructure
________ is the analytic technique of extracting a data element and exploiting that element, in conjunction with data sources, to discover other related elements.
Pivoting
