CompTIA Security+ Study Guide Chapter 2: Cybersecurity Threat Landscape

1
White-Hat Hackers
Attackers who act with authorization and seek to discover security vulnerabilities with the intent of correcting them. They may be either employees of the organization or contractors hired to engage in penetration testing.
2
Black-Hat Hackers
Unauthorized attackers who act with malicious intent. They seek to defeat security controls and compromise the confidentiality, integrity, or availability of information and systems for their own, unauthorized purposes.
3
Gray-Hat Hackers
Semi-authorized attackers who fall somewhere between white-hat and black-hat hackers. They act without proper authorization, but they do so with the intent of informing their targets of any security vulnerabilities.
4
Script Kiddie
Derogatory term for people who use hacking techniques but have limited skills. Often such attackers may rely almost entirely on automated tools they download from the internet.
5
Hacktivists
People who use hacking techniques to accomplish some activist goal. They might deface the website of a company whose policies they disagree with or might attack a network due to some political issue.
6
Cyber-Dependent Crime
Ransomware, data compromise, DDoS attacks, website defacement and attacks against critical infrastructure
7
Advanced Persistent Threats (APT)
State actors hacking into either foreign governments or corporations. (see page 26)
8
Insider Attacks
Occur when an employee, contractor, vendor, or other individual with authorized access to information and systems uses that access to wage an attack against the organization. These attacks are often aimed at disclosing confidential information, but insiders may also seek to alter information or disrupt business processes.
9
Dark Web
Shadowy anonymous network often engaging in illicit activity. Runs over standard internet connections but uses multiple layers of encryption to provide anonymous communication.
10
Threat Vectors
The means that threat actors use to obtain access to sensitive information. Example: phishing emails.
11
Threat Intelligence
Set of activities and resources available to cybersecurity professionals seeking to learn about changes in the threat environment. Building a threat intelligence program is a crucial part of any organization's approach to cybersecurity.
12
Predictive Analysis
Identifies likely risks to the organization.
13
Vulnerability Databases
Databases that report vulnerabilities.
14
Indicators of Compromise (IoCs)
Telltale signs that an attack has taken place and may include file signatures, log patterns, and other evidence left behind by attackers.
15
Open Source Threat Intelligence
Threat intelligence that is acquired from publicly available sources. (see pages 31-33 for open source websites)
16
Threat Maps
A geographic view of threat intelligence.
17
Structured Threat Information eXpression (STIX)
An XML language originally sponsored by the US DHS. Its current version defines 12 STIX domain objects, including things like attack patterns, identities, malware, threat actors, and tools. These objects are then related to each other by one of two STIX relationship object models: either as a relationship or a sighting.
18
Trusted Automated eXchange of Indicator Information (TAXII)
A companion to STIX. Intended to allow cyber threat information to be communicated at the application layer via HTTPS. Specifically designed to support STIX data exchange.