CompTIA Security+ Study Guide Chapter 2: Cybersecurity Threat Landscape

studied byStudied by 2 people
0.0(0)
Get a hint
Hint

White-Hat Hackers

1 / 17

flashcard set

Earn XP

Description and Tags

18 Terms

1

White-Hat Hackers

Authorized attackers who act with authorization and seek to discover security vulnerabilities with the intent of correcting them. May either be employees of the organization or contractors hired to engage in penetration testing.

New cards
2

Black-Hat Hackers

Unauthorized attackers who act with malicious intent. They seek to defeat security controls and compromise the confidentiality, integrity, or availability of information and systems for their own, unauthorized purposes.

New cards
3

Gray-Hat Hackers

Semi-authorized attackers are those who fall somewhere between white and black hat hackers. They act without proper authorization, but they do so with the intent of informing their targets of any security vulnerabilities.

New cards
4

Script Kiddie

Derogatory term for people who use hacking techniques but have limited skills. Often such attackers may rely almost entirely on automated tools they download from the internet.

New cards
5

Hacktivists

People who use hacking techniques to accomplish some activist goal. They might deface the website of a company whose policies they disagree with or might attack a network due to some political issue.

New cards
6

Cyber-Dependent Crime

Ransomware, data compromise, DDoS attacks, website defacement and attacks against critical infrastructure

New cards
7

Advanced Persistent Threats (APT)

State actors hacking into either foreign governments or corporations. (see page 26)

New cards
8

Insider Attacks

Occur when an employee, contractor, vendor, or other individual with authorized access to information and systems uses that access to wage an attack against the organization. These attacks are often aimed at disclosing confidential information, but insiders may also seek to alter information or disrupt business processes.

New cards
9

Dark Web

Shadowy anonymous network often engaging in illicit activity. Ran over standard internet connections but using multiple layers of encryption to provide anonymous communication.

New cards
10

Threat Vectors

The means that threat actors use to obtain access to sensitive information. ex. Phishing emails

New cards
11

Threat Intelligence

Set of activities and resources available to cybersecurity professionals seeking to learn about changes in the threat environment. Building a threat intelligence program is a crucial part of any organization's approach to cybersecurity.

New cards
12

Predictive Analysis

Identify likely risks to the organization.

New cards
13

Vulnerability Databases

Databases that reports vulnerabilities.

New cards
14

Indicators of Compromise (IoCs)

Telltale signs that an attack has taken place and may include file signatures, log patterns, and other evidence left behind by attackers.

New cards
15

Open Source Threat Intelligence

Threat intelligence that is acquired from publicly available sources. (see pages 31-33 for open source websites)

New cards
16

Threat Maps

A geographic view of threat intelligence.

New cards
17

Structured Threat Information eXpression (STIX)

An XML language originally sponsored by the US DHS. It's current version defines 12 STIX domain objects, including things like attack patterns, identities, malware, threat actors, and tools. These objects are then related to each other by one of two STIX relationship object models: either as a relationship or a sighting.

New cards
18

Trusted Automated eXchange of Indicator Information (TAXII)

A companion to STIX. Intended to allow cyber threat information to be communicated at the application layer via HTTPS. Specifically designed to support STIX data exchange.

New cards

Explore top notes

note Note
studied byStudied by 3 people
... ago
5.0(1)
note Note
studied byStudied by 166 people
... ago
4.5(2)
note Note
studied byStudied by 118 people
... ago
5.0(4)
note Note
studied byStudied by 11 people
... ago
5.0(2)
note Note
studied byStudied by 43 people
... ago
5.0(1)
note Note
studied byStudied by 10 people
... ago
5.0(1)
note Note
studied byStudied by 29 people
... ago
5.0(1)
note Note
studied byStudied by 21736 people
... ago
4.6(101)

Explore top flashcards

flashcards Flashcard (36)
studied byStudied by 10 people
... ago
5.0(1)
flashcards Flashcard (32)
studied byStudied by 8 people
... ago
5.0(2)
flashcards Flashcard (49)
studied byStudied by 2 people
... ago
4.0(1)
flashcards Flashcard (72)
studied byStudied by 6 people
... ago
5.0(1)
flashcards Flashcard (30)
studied byStudied by 3 people
... ago
5.0(1)
flashcards Flashcard (50)
studied byStudied by 8 people
... ago
5.0(1)
flashcards Flashcard (21)
studied byStudied by 17 people
... ago
5.0(1)
flashcards Flashcard (37)
studied byStudied by 194 people
... ago
5.0(1)
robot