Chapter 2 Flashcards

Cybersecurity Threat Landscape

1
Q

Internal vs External

Classifying Cybersecurity Threats

A

Threats, risks, or controls can be categorized as either internal or external.

Internal:
- Malicious insider stealing data.
- Poor internal security practices or non-compliance.
- Threats rely on having access to internal
External:
- Outside hackers.
- Often more straightforward and easier to detect.
- External actors do not inherently have access; they must bypass defenses.

2
Q

Levels of Sophistication/Capability

“Classifying Cybersecurity Threats”

A

The degree of expertise, resources, and technology employed by threat actors or defensive measures.
* Ranges from novice to professional hackers.
* Script kiddies, hacktivists, criminal groups, nation states, or advanced persistent threats.

3
Q

Resources/Funding

“Classifying Cybersecurity Threats”

A

The level of financial support, personnel, and tools available to threat actors, or defenders, influencing their ability to execute attacks or implement security measures.

4
Q

Intent/Motivation

“Classifying Cybersecurity Threats”

A

The driving purpose or objective behind a cybersecurity attack, ranging from financial gain to political agendas, personal grudges, or intellectual property.

5
Q

Script Kiddie

“Threat Actors”

A

An inexperienced hacker who uses pre-made tools, scripts, or exploits created by others to carry out attacks without a deep understanding of how they work.

6
Q

Organized Crime

“Threat Actors”

A

Appears in any case where there is money to be made.

6
Q

Hacktivists

“Threat Actors”

A

Individuals or groups who use hacking techniques to promote a political, social, or ideological cause.

7
Q

Nation-State Attackers

“Threat Actors”

A

Attacks by nation-state actors hacking into foreign governments or corporations.

8
Q

Advanced Persistent Threats (APTs)

A

A cybersecurity adversary characterized by a sophisticated series of related attacks taking place over an extended period of time.

  • Example: APT29 (“Cozy Bear”)
9
Q

Zero-Day Attacks

A

An attack on a system that exploits vulnerabilities that are unknown to others, including the vendor.
- Unpatched vulnerabilities

10
Q

Attacker Motivations

A
  1. Data Exfiltration
  2. Espionage
  3. Service Disruption
  4. Blackmail
  5. Financial Gain
  6. Philosophical/Political Beliefs
  7. Ethical Attacks
  8. Revenge
  9. Disruption/Chaos
  10. War
11
Q

Attack Surface

A

A system, application, or service that contains a vulnerability that can be exploited.

12
Q

Threat Vector

A

The means that threat actors use to obtain access.

13
Q

Threat Intelligence

A

The set of activities and resources available to learn about changes in the threat environment.

14
Q

Predictive Analysis

A

The use of data to attempt to predict events; used in a security context to identify potential compromises and attacks.

15
Q

Vulnerability Databases

A

A database of vulnerabilities, including information such as severity, fixes, and other details useful to both attackers and defenders.

16
Q

Indicators of Compromise (IoCs)

A

The telltale signs that an attack has taken place and may include file signatures, log patterns, and other evidence left behind by attackers.

17
Q

File and Code Repositories

A

Platforms or systems used for storing, managing, and sharing files or code. IoCs may be found in file and code repositories that offer intelligence information.

18
Q

Open Source Threat Intelligence

A

Threat intelligence that is acquired from publicly available sources.

19
Q

Closed-Source Intelligence

A

Intelligence information, typically from a commercial vendor, that is provided only to specific groups.

20
Q

Assessing Threat Intelligence

A

Descriptive Scale:
- Confirmed (90 -100)
- Probable (70-89)
- Possible (50-69)
- Doubtful (30-49)
- Improbable (2-29)
- Discredited (1)

21
Q

Structured Threat Information Expression (STIX)

“XML Language”

A

A language that identifies things like attack patterns, identities, malware, threat actors, and tools.

22
Q

Trusted Automated Exchange of Intelligence Information (TAXII)

A

Intended to allow cyberthreat information to be communicated at the application layer via HTTPS.
- Designed to support STIX data exchange.

23
Q

Information Sharing and Analysis Centers (ISACs)

A

Helps infrastructure owners and operators share threat information, and provides tools and assistance to their members.

24
Q

Tactics, Techniques, and Procedures (TTPs)

A

Describes the behaviours and methods used by threat actors during an attack.