Week 9 Flashcards

1
Q

What are the two approaches to security discussed?

A

Reactive and Proactive approaches

2
Q

What is the primary objective of threat hunting?

A

To intercept potential attacks before damage is done, or to mitigate damage of an attack in progress

3
Q

What symptom indicates organizations are in Reactive Mode?

A

Security response teams wait for an alert to drive the next steps

4
Q

What should organizations do to get ahead of attackers?

A

Think proactively and execute focused activities

5
Q

What is the definition of Threat Hunting?

A

Cyber defense activity that seeks out evidence of malicious activities

  • human-led

6
Q

What are the two key goals of threat hunting?

A
  • Identify previously unknown threats within environment
  • Gain a deeper understanding of the organization’s technical landscape

7
Q

A hypothesis-based investigation is centered around what two things?

A

Adversaries’ behaviors and TTPs

8
Q

What are Indicators of Compromise (IoC)?

A

Indications that the security of the network or system has been breached

9
Q

What are Indicators of Attack (IoA)?

A

Indicators of the activities associated with the attack while the attack is happening

10
Q

What is the purpose of building an attack story during threat hunting, and what does it involve finding?

A

To support the attack hypothesis by finding related resources/tools

11
Q

What is the role of threat actors in threat modeling?

A

Knowing the Threat Actor’s resources and expertise

12
Q

What does the acronym STRIDE stand for?

A
  • Spoofing
  • Tampering
  • Repudiation
  • Information Disclosure
  • Denial of Service
  • Elevation of Privilege

13
Q

Fill in the blank: Threat modeling methodologies include STRIDE, DREAD, and _______.

A

PASTA

14
Q

What is the first step in the Threat Modeling process?

A

Identify Assets

15
Q

What are the desired properties associated with STRIDE?

A
  • Authenticity
  • Integrity
  • Non-repudiation
  • Confidentiality
  • Availability
  • Authorization

16
Q

True or False: Threat hunting is primarily a reactive approach.

17
Q

What is necessary for effective threat hunting?

A

Cybersecurity professionals who understand attacker tactics and vulnerabilities

18
Q

What should be established to guide the threat hunting process?

A

A hypothesis around threat vectors/surface

19
Q

What is an attack vector?

A

Specific paths threat actors use to gain unauthorized access

20
Q

What does the threat modeling manifesto ask?

A
  • What are we working on?
  • What can go wrong?
  • What are we going to do about it?
  • Did we do a good enough job?