1.5

Question 1

Also known as threat _____________ or adversaries, are individuals, groups, organizations, or entities that pose a threat to the security of computer systems, networks, or data.

Answer 1

Actors

Question 2

___________ refer to potential dangers or risks to the confidentiality, integrity, and availability of information systems and data.

Answer 2

Threats

Question 3

An _____________ is a sophisticated and targeted cyber attack carried out by highly skilled and well-resourced adversaries, typically with specific objectives such as espionage, data theft, or sabotage. ________________ are carefully planned, stealthy, and persistent.

Answer 3

Advanced persistent threat (APT)

Question 4

Refers to potential risks posed to an organization’s cybersecurity by individuals who have authorized access.

Answer 4

Insider threats

Question 5

Refers to government entities or agencies that engage in cyber activities for various purposes, including espionage, sabotage, influence operations, and national security objectives.

Answer 5

State actors

Question 6

Are individuals or groups who engage in hacking activities as a means of promoting social or political causes.

Answer 6

Hacktivists

Question 7

Are individuals with limited technical expertise who use pre-existing hacking tools and scripts to launch cyber attacks or engage in malicious activities without a deep understanding of how these tools work.

Answer 7

Script kiddies

Question 8

Are sophisticated groups of individuals or networks that engage in criminal activities in cyberspace for financial gain or other malicious purposes.

Answer 8

Criminal syndicates

Question 9

Individuals or groups with advanced technical skills and knowledge of computer systems, networks, and software.

Answer 9

Hackers

Question 10

Also known as ethical hackers or penetration testers, are individuals or security professionals who are authorized by organizations to deliberately attempt to bypass security controls.

Answer 10

Authorized hackers

Question 11

Also known as malicious hackers or attackers, are individuals or groups who gain unauthorized access to computer systems, networks, or data.

Answer 11

Unauthorized hackers

Question 12

Hackers that work in both the legally sanctioned world of security and the illegal realm of criminal activity.

Answer 12

Semi-authorized hackers

Question 13

Refers to IT systems, software, applications, or services that are used within an organization without explicit approval, oversight, or control from the IT department.

Answer 13

Shadow IT

Question 14

Other organizations within the same industry or market sector that may pose a threat or risk to an organization’s cybersecurity posture.

Answer 14

Competitors

Question 15

Individuals within an organization who have authorized access to its systems, networks, or data.

Answer 15

Internal actors

Question 16

individuals, groups, organizations that operate outside of an organization’s boundaries and seek to compromise its systems, networks, or data.

Answer 16

External actors

Question 17

Refers to a method or pathway through which an attacker gains direct access to a system.

Answer 17

Direct access vector

Question 18

Refers to various methods an attacker can use to gain access to a system.

Answer 18

Vectors

Question 19

Refers to a method or pathway through which a cyber threat is delivered to a target via wireless communication channels.

Answer 19

Wireless vector

Question 20

Refers to a method or pathway through which a cyber threat is delivered to a target via email.

Answer 20

Email vector

Question 21

Refers to a method or pathway through which a cyber threat is delivered to a target via its supply chain partners or vendors.

Answer 21

Supply chain vector

Question 22

Refers to a method or pathway through which a cyber threat is delivered to a target via removable media.

Answer 22

Removable media vector

Question 23

Refers to a method or pathway through which a cyber threat is delivered to a target via social media.

Answer 23

Social media vector

Question 24

Refers to a method or pathway through which a cyber threat is delivered to a target via cloud connectivity.

Answer 24

Cloud vector

Question 25

Refers to the collection, analysis, and use of publicly available information from open sources to gather intelligence.

Answer 25

Open-source intelligence (OSINT)

Question 26

Are collections of information about known vulnerabilities. These databases serve as centralized resources.

Answer 26

Vulnerability databases

Question 27

Are threat intelligence databases that are offered by security firms as a premium. Cannot be accessed unless bought.

Answer 27

Closed/proprietary

Question 28

Also known as Information Sharing and Analysis Centers (ISACs) or Information Sharing and Analysis Organizations (ISAOs), are collaborative platforms or organizations established to facilitate the exchange of cybersecurity threat intelligence.

Answer 28

Public/private information-
sharing centers

Question 29

Is a subset of the worldwide content on the Internat that has its access restricted via specific obfuscation methods.

Answer 29

Dark web

Question 30

Are artifacts or evidence observed in a network, system, or environment that may indicate a security compromise by malicious actors.

Answer 30

Indicators of Compromise (IoCs)

Question 31

Is an automated, bidirectional cyber-threat indicator method that’s used for reporting.

Answer 31

Automated Indicator Sharing (AIS)

Question 32

Are key standards and protocols in cybersecurity designed to facilitate the sharing and exchange of cyber threat intelligence.

Answer 32

Structured Threat Information
eXpression (STIX)/Trusted
Automated eXchange of
Intelligence Information (TAXII)

Question 33

The process of using analytical methods to forecast security incidents before they occur.

Answer 33

Predictive analysis

Question 34

Are geographical representations of attacks showing where packets are coming from and going to.

Answer 34

Threat maps

Question 35

Are centralized storage systems used to store digital assets related to software development and IT operations.

Answer 35

File/code repositories

Question 36

Are the sets of standards used to define how the Internet and protocols involved in the World Wide Web are established and managed.

Answer 36

Request for comments (RFC)

Question 37

Is used to describe how threat agents organize and orchestrate their efforts.

Answer 37

Adversary tactics, techniques,
and procedures (TTP)