Which term refers to the path or tool used by an attacker to attack a target?

Topic 2A: Explain Threat Actor Types and Attack Vectors

Terms in this set (41)

Vulnerability

This is a weakness that can be set off accidentally or on purpose
to cause a security breach.

Improperly configured hardware or software, delays in applying
patches, misuse of software or protocols, poor network design, bad physical security, bad password policies, etc.

Threat

This is the potential for someone or something to exploit a vulnerability. This may be intentional or unintentional.

Threat Actor/Agent

The person or thing posing the threat

Attack Vector

The path or tool used by a malicious threat actor

Risk

This is the likelihood or impact, aka consequence, of a threat actor exploiting a vulnerability.

In order to assess [], you need to first identify a vulnerability and then evaluate how likely it is to be exploited by a threat, and how that would impact you.

External Threat Actor

has no account or authorized access to the system they are targeting. These actors have to infiltrate the security system of a network using malware and/or social engineering. This can be done remotely or on-premises, though I'd wager you'll see remote far more often as it is less risky.

Internal or Insider Threat Actor

is one that does have some sort
of access and permissions on the system.

The typical example of this is an employee, but business partners and contractors fall under this too.

Intent

describes what the attacker hopes to achieve from the attack.

Do they want to exfiltrate data? Plant a keylogger? Set up a backdoor?

Motivation

the attacker's reason for carrying out the attack. Greed, curiosity,
maybe some sort of revenge scheme, like an angry ex-employee.

Structured Attacks

Sophisticated hacking techniques to identify, penetrate, probe, and carry out malicious activities.

Unstructured Attacks

Moderately skilled attackers initially attack simply for personal gratification. Can lead to more malicious attacks.

Targeted Attack

An attack that sends a specially developed bot only to one or a few IP addresses in the target organization.

opportunistic

Someone acting on their own, very new and inexperienced in hacking, just launching a pre-made email worm attack is an example of an unstructured [] threat.

Capability

refers to a threat actor's ability to actually create their own exploit techniques and tools. Someone who relies on pre-made, widely available attack tools is a least capable threat actor. More capable actors can create their own exploits. Even more capable would be actors that can bring in non-cyber tools, like political or military assets.

tends to be closely tied with funding. More capable actors are going to need more of a budget more often than not.

So sophisticated threat actor groups will need to cultivate plenty of resources: custom attack tools, skilled coders, designers, hackers, social engineers - you can imagine that'll take a fair amount of funding to pull together.

Hacker

describes someone who has the skills necessary to gain
access to a system through unauthorized or unapproved methods.

Black Hat

Hackers are completely unauthorized

White Hat

Hackers, aka Ethical Hackers, are authorized

Gray Hat

Hackers tend to be in between. They may try and find
vulnerabilities in a network without asking for approval first, but they may not actively try to exploit those vulnerabilities. They may seek compensation for their finds, such as with bug bounties, but they won't extort anyone over an exploit.

Script Kiddies

These are the folks who use premade hacker tools and scripts without necessarily understanding or caring how they work. They also do not have the ability to craft new attacks themselves.

[] usually don't have a specific structure or target, and their
overall goal usually isn't anything other than gaining attention or notoriety. They just want to try and look cool.

Hacktivist Groups

Uses cyber weapons to promote a political agenda. Examples would be Anonymous or WikiLeaks. [] may try and get access to and then leak confidential information to the public, perform denial of service (DoS) attacks, or deface websites.

Political, media, and financial groups tend to be the most at risk targets from these kinds of groups, but environmental and animal advocacy groups may also
target a wide range of industries.

Advanced Persistent Threat (APT)

Rather than focusing on a system being infected with a virus, this refers to an adversary's ongoing ability to compromise a network's security: to both obtain and maintain access, using an array of different tools and methods.

State Actors

A person or group that is acting on behalf of a governmental
body. So when we say nation state, we're typically going to hear countries called out by name.

tend to target energy and health network systems, and the goals are primarily espionage and strategic advantage.

Will work somewhat independently from the national government,
military, or secret service that sponsors and protects them in order to keep up
"plausible deniability." Many times they'll even pose as independent groups or
hacktivists.

Criminal Syndicates

Create organized crime. Will seek any chance for criminal profit; the typical activities we see are financial fraud and extortion.

Competitor Attack

attributed to state actors, but it isn't out of the realm of possibility for a business to use cyber espionage against a []
business. They could aim to steal from or disrupt a competitor, or maybe just try and damage their reputation.

These attacks may be carried out by employees who change companies, bringing a certain level of insider knowledge along with them.

Insider Threat Actors

A current or former employee, contractor, or business partner who has or had authorized access to an organization's network,
system, or data, and intentionally exceeded or misused that access.

Come from an actor who has been IDed by the organization and does have some sort of legitimate access to the network.

Of these, you can have
those with permanent privileges - employees, for example - or temporary privileges, like
contractors and guests.

Unintentional Insider Threats

Create vectors for an external actor to exploit, rather than being the threat actor themselves. This is usually seen by admins who have poor password management or
something.

Shadow IT

when a user brings in their own hardware or software to the workplace without getting permission to do so.

That hardware or software doesn't get looked over for security analysis, so it may
present holes in security.

Attack Surface

All the points and places where a malicious threat actor could try
to exploit a vulnerability. To calculate, you have to consider the kind of attacker. This should be much smaller for external actors than for an insider threat.

Types of Attack Vectors - Direct Access

This would be a kind of local or physical attack. The attacker
could exploit an unattended workstation, attempt to steal a device, cut cables between servers, etc.

Types of Attack Vectors - Removable Media

An attacker could hide malware on a USB thumb drive or memory card and attempt to trick employees into connecting the drive or card to a PC, laptop, phone, etc. In some cases just connecting the media is enough to infect the device. In others, the employee might have to try and open a file or app on the drive to trigger the attack.

Types of Attack Vectors - Email

Everyone's heard of phishing emails, right? Attackers send some sort of malicious attachment via email or similar means of communication.

Typically the attacker will use elements of social engineering to trick the user into opening the file.

Types of Attack Vectors - Remote & Wireless

The attacker either gets credentials for a remote access
or wireless connection to a network, or they crack the security protocols being
used for authentication. The attacker could also put up a fake trusted access point and then harvest people's credentials when they connect to it.

Types of Attack Vectors - Supply Chain

Instead of going directly after the target, an attacker may try and
infiltrate via companies in its []. Big example is the Target data breach, made possible through infiltrating via the company's HVAC supplier.

Types of Attack Vectors - Web & Social Media

I think we're pretty used to the idea of someone accidentally getting a virus from a shady website. Malware can be hidden in files attached to website posts, or as a part of a download. Social media can also be used for social engineering purposes.

Types of Attack Vectors - Cloud

Almost everyone or every company has some sort of network component
hosted via Internet-accessible clouds.

An attacker would only need to find one account, service, or host with weak credentials in order to gain access. Accounts used to manage cloud systems or develop services tend to be targeted more often.

Which of the following would be assessed by likelihood and impact: vulnerability, threat, or risk?

Risk. To assess likelihood and impact, you must identify both the
vulnerability and the threat posed by a potential exploit.

True or false? Nation state actors primarily only pose a risk to other states.

False—nation state actors have targeted commercial interests for theft, espionage, and extortion.

You receive an email with a screenshot showing a command prompt at one
of your application servers. The email suggests you engage the hacker for a day's consultancy to patch the vulnerability. How should you categorize this threat?

This is either gray hat (semi-authorized) hacking or black hat (nonauthorized) hacking.

If the request for compensation via consultancy is an extortion threat (if refused, the hacker sells the exploit on the dark web), then the motivation is purely financial gain and can be categorized as
black hat.

If the consultancy is refused and the hacker takes no further action, it can be classed as gray hat.

Which type of threat actor is primarily motivated by the desire for
social change?

Hacktivist

Which three types of threat actors are most likely to have high levels of funding?

State actors, criminal syndicates, and competitors.

You are assisting with writing an attack surface assessment report for a small company. Following the CompTIA syllabus, which two potential attack vectors have been omitted from the following headings in the report? Direct access, Email, Remote and wireless, Web and social media, Cloud.

Removable media and supply chain.

Which term refers to the path or tool used by an attacker to attack a target?

An attack vector is a path or means by which an attacker or hacker can gain access to a computer or network server in order to deliver a payload or malicious outcome. Attack vectors enable hackers to exploit system vulnerabilities, including the human element.

What command can he use on one system to identify the network path to the second system?

Traceroute – The traceroute command is used to determine the path between two connections. Often a connection to another device will have to go through multiple routers. The traceroute command will return the names or IP addresses of all the routers between two devices.

Which term refers to a risk that remains after implementing controls?

Residual risk is the risk that remains after efforts to identify and eliminate some or all types of risk have been made. Residual risk is important for several reasons. First to consider is that residual risk is the risk "left over" after security controls and process improvements have been applied.

Which of the following are considered passive online attacks?

Internet security threats/vulnerabilities are divided into passive and active attacks. Examples of passive attacks include network analysis, eavesdropping and traffic analysis.