Week 2- assets, vulnerabilities, threats and attacks.

Question 1

What are assets?

Answer 1

things we own that are of value.

Question 2

What is a critical asset?

Answer 2

an asset that without a person or organisation cannot function.

Question 3

how many types of assets are there?

Answer 3

2, tangible - something you can touch, see or experience. Software is considered tangible.

intangible - information, intellectual property, personal, corporative or professional reputation.

Question 4

what are vulnerabilities?

Answer 4

weaknesses in an asset that allow hostile actors to gain unauthorised access.

Question 5

What are the types of vulnerabilities?

Answer 5

Technological vulnerabilities - weak design, implementation and configuration of tech components. Example, internet facing ports left open.

organisational vulnerabilities - related to people processes and procedures.

Question 6

Explain the window of vulnerability

Answer 6

vulnerabilities in themselves are not a problem but cause a potential threat. The time between attackers discovering the vulnerability and applying fixes becomes a race between attacker and the time vulnerabilities are eliminated. Thus the window of vulnerability.

Question 7

What is Common Vulnerabilities and Exposure (CVE)?

Answer 7

A database hosted by MITRE corp which contains identifiers for publicly disclosed vulnerabilities. Each vulnerability has its own unique identifier

Question 8

Who is MITRE?

Answer 8

founded in 1958 to support the US air forces SAGE project that pioneered everyday computers and networking tech. MITRE manages civil and government projects.

Question 9

what are threats?

Answer 9

a potential cause of damage to an asset utilising vulnerabilities.

Question 10

what are attacks?

Answer 10

any form of unauthorised access affecting the confidentiality, integrity or availability (CIA) of an asset.

Question 11

Passive, active, targeted or untargeted attacks, what are they?

Answer 11

a passive attack is an attempt to learn, understand or make use of information without directly impacting the state of a system resource.

an active attack is an attempt to make changes to a system by stealing or destroying data ot by impacting operations such as DoS attack.

a targeted attack is when an attacker aims at a specific organisation as they have interests.

an untargeted attack is indiscriminate.

Question 12

What are attack vectors?

Answer 12

a way for an attacker to enter a network or system

Question 13

What is Phishing?

Answer 13

emails and personal message sent with the intention of eliciting personal information that can be used to gain access to a system.

Question 14

What is Ransomware?

Answer 14

malicious software that encrypts data and demands a ransom before access is restored (WannaCry is an example)

Question 15

What are Third-party vendors and business partners?

Answer 15

when a organisation outsources part of their system to other organisation exposing themselves to risk because of the other organisation cyber security policies (Target hack)

Question 16

What does compromised credentials mean?

Answer 16

Stolen login details and weak passwords or other authenticator.

Question 17

Whats misconfiguration?

Answer 17

improper set up, such as keeping manufacture username and passwords.

Question 18

What are unpatched vulnerabilities?

Answer 18

errors in software create vulnerabilities that can be exploited as long as these bugs are not patched. WannaCry took exploited an unpatched vulnerability in a certain version of Microsoft.

Question 19

No or inadequate encryption means?

Answer 19

data is vulnerable if it is not encrypted or has weak encryption.

Question 20

What was the WannaCry hack in 2017?

Answer 20

a ransomware program that targeted obsolete versions of microsoft. If it did not impact directly, then it indirectly caused computers to be taken offline. It is an example of an active untargeted attack .

Question 21

what is an attack surface?

Answer 21

The sum of all the vulnerabilities in a system through which an attack could be made.

Question 22

digital attack surface?

Answer 22

attacks made possible through technological vulnerabilities such as operating systems, apps and connections

Question 23

physical attack surface?

Answer 23

when the attacker is within the same location and can attack through physical access to devices or servers.

Question 24

social engineering attack surface?

Answer 24

attacks made possible through exploiting human behaviour.

Question 25

what is attack surface analysis?

Answer 25

a cyber security strategy , discover and reduce attack surfaces by identifying vulnerabilities and identifies relevant solution.

Question 26

What is an Advanced Persistent Threat (APT)?

Answer 26

a form of attack that uses multiple attack vectors over a prolonged. they require a lot of investment in time and money and are usually targeted at high value systems such as government and major corps. Unless targeted at a smaller subcontractor of a larger company.

Question 27

What is a cyber kill chain?

Answer 27

originally 7 steps, adapted by NCSC into 4 steps, allowing security teams to recognise, intercept or prevent them.

Question 28

What does MITRE ATT&CK stand for?

Answer 28

adversarial tactics, techniques and common knowledge (2013).