CompTIA Security+ Study Guide Chapter 2: Cybersecurity Threat Landscape


18 Terms


White-Hat Hackers

Authorized attackers who act with authorization and seek to discover security vulnerabilities with the intent of correcting them. May either be employees of the organization or contractors hired to engage in penetration testing.


Black-Hat Hackers

Unauthorized attackers who act with malicious intent. They seek to defeat security controls and compromise the confidentiality, integrity, or availability of information and systems for their own, unauthorized purposes.


Gray-Hat Hackers

Semi-authorized attackers are those who fall somewhere between white and black hat hackers. They act without proper authorization, but they do so with the intent of informing their targets of any security vulnerabilities.


Script Kiddie

Derogatory term for people who use hacking techniques but have limited skills. Often such attackers may rely almost entirely on automated tools they download from the internet.


Hacktivists

People who use hacking techniques to accomplish some activist goal. They might deface the website of a company whose policies they disagree with or might attack a network due to some political issue.


Cyber-Dependent Crime

Ransomware, data compromise, DDoS attacks, website defacement and attacks against critical infrastructure


Advanced Persistent Threats (APT)

State actors hacking into either foreign governments or corporations. (see page 26)


Insider Attacks

Occur when an employee, contractor, vendor, or other individual with authorized access to information and systems uses that access to wage an attack against the organization. These attacks are often aimed at disclosing confidential information, but insiders may also seek to alter information or disrupt business processes.


Dark Web

Shadowy anonymous network often engaging in illicit activity. It runs over standard internet connections but uses multiple layers of encryption to provide anonymous communication.


Threat Vectors

The means that threat actors use to obtain access to sensitive information. Example: phishing emails.


Threat Intelligence

Set of activities and resources available to cybersecurity professionals seeking to learn about changes in the threat environment. Building a threat intelligence program is a crucial part of any organization's approach to cybersecurity.


Predictive Analysis

Identify likely risks to the organization.


Vulnerability Databases

Databases that report vulnerabilities.


Indicators of Compromise (IoCs)

Telltale signs that an attack has taken place and may include file signatures, log patterns, and other evidence left behind by attackers.


Open Source Threat Intelligence

Threat intelligence that is acquired from publicly available sources. (see pages 31-33 for open source websites)


Threat Maps

A geographic view of threat intelligence.


Structured Threat Information eXpression (STIX)

An XML language originally sponsored by the US DHS. Its current version defines 12 STIX domain objects, including things like attack patterns, identities, malware, threat actors, and tools. These objects are then related to each other by one of two STIX relationship object models: either as a relationship or a sighting.


Trusted Automated eXchange of Indicator Information (TAXII)

A companion to STIX. Intended to allow cyber threat information to be communicated at the application layer via HTTPS. Specifically designed to support STIX data exchange.