Module 1: Fundamentals


What is a White Hat

(Pen Testers) individuals who use their hacking skills for defensive purposes

What is Defense-in-Depth

A security strategy in which security professionals use several protection layers throughout an Information System

What is Incident Handling and response?

A set of procedures, actions, and measures taken against an unexpected event occurrence

What is the Sarbanes Oxley Act?

Aims to protect the public and investors by increasing the accuracy and reliability of corporate disclosures

What does AI and ML stand for?

Artificial Intelligence, Machine Learning

What is a Distribution Attack

Attackers tamper with hardware or software prior to installation EX: BACKDOOR

What is the Gaining Access phase?

Attackers use vulnerabilities identified during the recon and scanning phases to gain access to the target system and network.

Key Elements of Information Security

CIA

What is the CIA of IS?

Confidentiality, Integrity, Availability

What is the Command and Control step in CKC

Create a command and control channel to communicate and pass data back and forth

What is the Weaponization step in CKC

Create a deliverable malicious payload using an exploit and a backdoor

What does CTI stand for

Cyber Threat Intelligence

What does DPA Stand for?

Data Protection Act

What does DiD stand for?

Defense-in-Depth

What is Risk?

Degree of uncertainty or expectation of potential damage that an adverse event may cause to a system or resources

What does DMCA Stand for?

Digital Millennium Copyright Act

Examples of Active Attacks

DoS/DDoS, Firewall/IDS Attack, XSS/SQL Inject, MitM Attack, Spoofing

What is the Exploitation step in CKC

Exploit a vulnerability by executing code on the victim's system

What does FISMA Stand for?

Federal Information Security Management Act

Examples of Passive attacks

Footprinting, Sniffing/Eavesdropping, Network Traffic Analysis, Decryption of traffic

What is the Reconnaissance step in CKC

Gather data on the target to probe for weak points

What does GDPR stand for?

General Data Protection Regulation

What does HIPAA stand for

Health Insurance Portability and Accountability Act

What are the Risk Management Phases

Identification, Assessment, Treatment, Tracking, Review

What is the purpose of the Cyber Kill Chain

Identifies the steps the adversaries take in order to accomplish their goals.

What are the steps to Threat Modeling

Identify Objectives, Application Overview, Decompose the Application, Identify Threats, Identify Vulnerabilities

What does IH&R stand for?

Incident Handling and Response

What is IoC

Indicator of Compromise

What is a Suicide Hacker

Individuals who aim to bring down critical infrastructure for a "cause" and are not worried about the punishment

What is a Hacktivist

Individuals who break into government or corporate computer systems as an act of protest

What is a Black Hat

Individuals who use their extraordinary computing skills for illegal or malicious purposes

What is a Gray Hat

Individuals who work both offensively and defensively at various times

What is a Cyber Terrorist

Individuals with a wide range of skills, motivated by religious or political beliefs, to create fear of large-scale disruption of computer networks.

What is the Installation step in CKC

Install malware on the target system

What is a passive attack?

Intercepting and Monitoring network traffic and data flow on the target network. DOES NOT TAMPER WITH DATA

What is Active Reconnaissance

Involves direct interactions with the target system by using tools to detect open ports, hosts, router locations, network mapping, etc.

What is Passive Reconnaissance

No interaction with the target directly. Attacker relies on publicly available information, news releases, or other no-contact methods

What are the two types of Reconnaissance

Passive and Active

What does PCI DSS stand for

Payment Card Industry Data Security Standard

What is the Actions on Objectives step in CKC

Perform actions to achieve intended objectives/goals

What is an Insider Attack

Performed by trusted persons who have physical access to critical assets of the target

Technical Threat Intelligence

Provides information about resources an attacker uses to perform an attack

What is Operational Threat Intelligence

Provides information about specific threats against the organization

What is Tactical Threat Intelligence

Provides information related to the TTPs used by threat actors to perform attacks

What is the Cyber Kill Chain Methodology Acronym

RWDEIC&CA: Real Wombats Don't Ever Install Command & Control Apps

What are the steps in the Cyber Kill Chain

Reconnaissance, Weaponization, Delivery, Exploitation, Installation, Command and Control, Actions on Objectives

What are the Hacking Phases

Reconnaissance, Scanning, Gaining Access, Maintaining Access, Clearing Tracks

What is ISO/IEC 27001?

Requirements for managing and continually improving an information security management system within the context of an organization

What does SOX stand for?

Sarbanes-Oxley Act

What is the Delivery step in CKC

Send weaponized bundle to the victim using email, USB, etc.

Example of Close-In Attacks

Social Engineering, Dumpster diving, Shoulder Surfing, Eavesdropping

What are the two types of ML?

Supervised Learning, Unsupervised Learning

What is TTP

Tactics, Techniques, and Procedures

What is an Active Attack

Tamper with the data in transit or disrupt communication or services between the systems to bypass or break into secured systems.

What is the Maintaining Access Phase?

The Attacker tries to retain his or her ownership of the system

What is Cyber Threat Intelligence?

The process of recognizing or discovering any "unknown threats" that an organization may face so that it may be avoided

What is the Clearing Tracks Phase?

The activities carried out by an attacker to hide malicious acts to avoid legal trouble.

What is the Scanning phase

The phase immediately preceding the attack. The Attacker uses the details gathered during reconnaissance to scan the network for specific information

What is a threat?

The possibility of a malicious attempt to damage or disrupt a computer network or system.

What is a Script Kiddie

Unskilled hackers who compromise systems by running scripts, tools, and software developed by real hackers.

What is a State-Sponsored Hacker

Individuals employed by the government to penetrate, gain top-secret info from and damage the info systems of other governments

What does TTP refer to?

patterns of activities and methods associated with specific threat actors or groups of threat actors

What is a Close-In Attack

Performed when the attacker is in close PHYSICAL proximity with the target system or network

What is Threat Modeling?

risk assessment approach for analyzing the security of an application by capturing, organizing, and analyzing all the info that affects it

What is Incident Management

Set of defined processes to restore the system to normal service operations as soon as possible, and prevent recurrence of the incident

