CPTIA Exam Practice Flashcards

A comprehensive set of vocabulary flashcards for the CPTIA exam, covering threat intelligence models, the intelligence cycle, collection methods, and legal/ethical frameworks in the UK.

Last updated 10:33 AM on 7/5/26

45 Terms

1

Risk Formula

$Risk = Threat \times Vulnerability$ or $Risk = Threat \times Vulnerability \times Impact$

2

Threat Formula

$Threat = Intent \times Capability$

3

Vulnerability

A weakness that can be exploited by an attacker.

4

Exploit

The specific code or method used to leverage a vulnerability.

5

Threat Vector

The path an attacker uses to reach a target, such as email, USB, or the web.

6

Data

Raw facts in large volumes, such as IP addresses or logs, that have low value on their own.

7

Information

Data that has been collated into a useful output, such as logs showing a specific spike in activity.

8

Intelligence

Analyzed information that supports decision-making processes.

9

Reconnaissance

The first step of the Cyber Kill Chain involving research and selection of targets.

10

Weaponization

The second step of the Cyber Kill Chain where malware is paired with an exploit into a payload on the attacker side.

11

Delivery

The third step of the Cyber Kill Chain and the earliest step a victim can defend against; involves sending the weapon via email, website, or USB.

12

Exploitation

The fourth step of the Cyber Kill Chain where the code triggers and leverages the vulnerability.

13

Installation

The fifth step of the Cyber Kill Chain where a backdoor is installed for persistence.

14

Command & Control (C2)

The sixth step of the Cyber Kill Chain where the attacker gains hands-on-keyboard access.

15

Actions on Objectives

The final step of the Cyber Kill Chain involving exfiltration, encryption, or destruction of data.

16

Objective (CROSSCAT)

The principle of intelligence where the analyst removes cognitive bias.

17

Planning and Direction

The first phase of the CREST Intelligence Cycle where Intelligence Requirements (IRs) and Priority Intelligence Requirements (PIRs) are defined.

18

Collection

The second phase of the CREST Intelligence Cycle where data is gathered from sources and where HUMINT occurs.

19

Processing and Analysis

The third phase of the CREST Intelligence Cycle where data is collated, fused, and analyzed; it is the stage where bias primarily enters.

20

Dissemination

The fourth phase of the CREST Intelligence Cycle where intelligence is delivered in the correct format to the consumer.

21

F3EAD

A military alternative intelligence cycle standing for Find, Fix, Finish, Exploit, Analyze, and Disseminate.

22

Strategic CTI

Intelligence focused on 'who and why' for senior decision makers, delivered in plain language regarding business risk.

23

Operational CTI

Intelligence focused on 'how and where' for network defenders regarding impending attacks.

24

Tactical CTI

Intelligence focused on 'what' (TTPs and IOCs) for the SOC and signature-based systems.

25

Hacktivists

Threat actors motivated by political or social causes, such as the group Anonymous.

26

Script Kiddies / Opportunists

Threat actors with the lowest capability, high frequency, and low skill, motivated by notoriety or fun.

27

Nation States

Threat actors with the largest resources, primarily motivated by espionage and disruption.

28

Diamond Model

An analytic model for intrusion analysis consisting of four vertices: Adversary, Capability, Infrastructure, and Victim.

29

MOSCOW

A prioritization framework standing for Must have, Should have, Could have, and Won't have.

30

Intelligence Gap

The difference between what is currently known and what is needed to answer an Intelligence Requirement.

31

Collection Plan

A bridge between Direction and Collection that turns IRs/PIRs into tasks with sources, agencies, and timescales.

32

Collection Worksheet

A record of actual collection activities (sources checked, search terms, dates) used to bridge Collection to Analysis.

33

5x5x5 Grading

A system used to grade Source reliability (A-E), Intelligence credibility (1-5), and Handling instructions (1-5).

34

WHOIS

A source for registrar and registrant contact details, delivered in an unstructured, human-readable format.

35

TAILS

The Amnesic Incognito Live System; a live OS that routes all traffic through Tor and leaves no trace on the machine.

36

Analysis of Competing Hypotheses (ACH)

The best structured analytical method used to remove cognitive bias.

37

Likelihood Yardstick (Almost Certain)

A probability assessment reflecting a value of approximately $95\%+$ or $0.95$.

38

STIX

Structured Threat Information Expression; a machine-readable language for describing threat intelligence (v1 is XML, v2 is JSON).

39

TAXII

Trusted Automated eXchange of Indicator Information; the HTTPS-based RESTful API transport for sharing STIX data.

40

CybOX

Cyber Observable eXpression; a schema used to describe observables, merged into STIX 2.

41

Computer Misuse Act 1990

The UK law governing unauthorized access, data interference, and malware (hacking).

42

RIPA 2000

The Regulation of Investigatory Powers Act; governs surveillance, interception by public bodies, and Covert Human Intelligence Sources (CHIS).

43

GPMS

The Government Protective Marking Scheme, currently consisting of three tiers: OFFICIAL, SECRET, and TOP SECRET.

44

CVE

Common Vulnerabilities and Exposures; a list of publicly disclosed cybersecurity vulnerabilities maintained by MITRE.

45

CVSS

Common Vulnerability Scoring System; a numerical score used to reflect the severity of a vulnerability.