1.5 Explain different threat actors, vectors, and intelligence sources

Question 1

Threat Actor

Answer 1

The bad guy, the person or entity that is trying to hack you

Question 2

Attack Vector

Answer 2

The method of hacking, how the threat actor hacks you

Question 3

APT

Answer 3

Advanced Persistent Threat, attackers in the network and stay there until taken out

Question 4

Insiders Threats

Answer 4

Threat Actor that has access to your organization data because they work there

Question 5

State Actors

Answer 5

A threat actor that works for a government

Question 6

Hacktivist

Answer 6

a hacker with a purpose, a hacker that’s a activist

Question 7

Script kiddies

Answer 7

threat actor that runs many scripts in hope that they gain access, not experienced

Question 8

Criminal Syndicates

Answer 8

Professional criminals that have the resources to hack. motivated by money

Question 9

Hackers

Answer 9

people that are experts in technology

Question 10

Authorized Hacker

Answer 10

ethical hacker with good intentions

Question 11

Unauthorized Hacker

Answer 11

hackers with malicious intent

Question 12

Semi-authorized

Answer 12

Hackers that find vulnerabilities but don’t exploit it.

Question 13

Shadow IT

Answer 13

Organization that create there own IT functions. Causes security Risk

Question 14

Competitors

Answer 14

Threat Actor that tries to cause a DoS to your company

Question 15

Direct access Vector

Answer 15

Attacks vector that has direct access to your OS. Attaches keylogger to collect info.

Question 16

Email Vector

Answer 16

Threat Actor phishing, or deliver malware through email.

Question 17

Supply Chain Vector

Answer 17

Tampering with the manufacturing process

Question 18

Social Media Vector

Answer 18

Threat Actor that use your social media to gain information

Question 19

Removable Media Vector

Answer 19

Malicious USB, or uses USB to steal information

Question 20

Cloud Vector

Answer 20

Attacks the Cloud by exploiting misconfig., brute force, and cause a DoS.

Question 21

OSINT

Answer 21

Open Source Int
public info on cyber security from internet, gov data, social media, commercial

Question 21

Wireless Vector

Answer 21

Vectors that allow a threat Actor access to your network.
default login cred., Rouge Access point, Evil twin, weak encryption

Question 22

Closed/Proprietary

Answer 22

Threat Int. source that you pay for and is formatted to be understood easily

Question 23

Vulnerability Database

Answer 23

CVE and NVD are vulnerability data bases that researchers have found and published.

NVD provides scoring and tells solutions

Question 24

Public/private Info-Sharing Centers

Answer 24

Public-federal gov. releases unclassified cyber attack info
Private- Real time cyber info shared

Question 25

AIS

Answer 25

Automated Indicator Sharing
automictic way sharing threat information

Question 26

STIX

Answer 26

Structured Threat Information eXpression
Standardize way of detailing a cyber threat

Question 27

TAXII

Answer 27

Transportation method for STIX data between orgainzations

Question 28

Dark Web Intelligence

Answer 28

Hacking Groups and services that provides you with a “how to” and sells info for you to hack

Question 29

Predictive Analysis

Answer 29

Finding suspicious behaviors such as: DNS queries, traffic patterns, and location data.

Question 30

Threat Maps

Answer 30

A view of where threats are coming form

Question 31

File/code Repositories

Answer 31

Public code that has been released, attackers get check repositories to see if source code was released

Question 32

Vendor Websites

Answer 32

First one to know if their product was compromised

Question 33

Vulnerability Feeds

Answer 33

Combines vulnerability databases and creates a central vul. feed.

Question 34

Conference

Answer 34

Collected source of info. form people that researched, identified, experienced attacks.

Question 35

Academic Journals

Answer 35

Detailed information on how someone delt with a attack

Question 36

RFC

Answer 36

Track and create a set of standards everyone can use.
also provide details of a threats and vulnerability

Question 37

Local Industry Groups

Answer 37

Gathering of local peers to share info.

Question 38

Social Media

Answer 38

Hacking groups that discuss vulnerabilities

Question 39

Threat Feeds

Answer 39

Automated feed that alerts you of a threat

Question 40

TTP

Answer 40

(Tactics, Technique, and procedure)
How Threat Actors are hacking and how are they doing it.