A set of flashcards covering key cybersecurity concepts including indicators of compromise, attack behaviors, and tools used in threat intelligence.
What are the key components of Indicators of Compromise (IoCs)?
IPs, hashes, URLs, domains.
What does Indicators of Attack (IoA) refer to?
Behaviors or tactics such as lateral movement and privilege escalation.
What is the MITRE ATT&CK framework used for?
It describes the tactics and techniques used by adversaries.
What does SIEM stand for and what is its purpose?
Security Information and Event Management; it correlates events from various sources.
Name a tool that automates incident response.
SOAR (Security Orchestration, Automation and Response).
What is Wireshark used for?
Packet analysis for inspecting network traffic.
What do STIX and TAXII represent in threat intelligence?
Sharing formats for threat intelligence data.
What does OSINT stand for and what does it refer to?
Open Source Intelligence; it refers to public threat data sources like Shodan and VirusTotal.
What are threat feeds?
Indicators of compromise provided by vendors or Information Sharing and Analysis Centers (ISACs).