Section 2: Threat Actors

Question 1

Data Exfiltration

Answer 1

Unauthorized transfer of data from a computer

Question 2

Blackmail

Answer 2

Obtaining sensitive or compromising information and threatening to release it unless demands are met

Question 3

Espionage

Answer 3

Spying on individuals, organizations, or nations to gather sensitive or classified information

Question 4

Service Disruption

Answer 4

Disrupting services to cause chaos, make a political statement, or demand a ransom

Question 5

Financial Gain

Answer 5

Achieving profit through means such as ransomware attacks or banking trojans

Question 6

Philosophical/Political Beliefs

Answer 6

Hacktivism driven by political, social, or environmental ideologies

Question 7

Ethical Reasons

Answer 7

Ethical hackers motivated by improving security rather than malicious intent

Question 8

Revenge

Answer 8

Targeting an entity perceived to have wronged the threat actor

Question 9

Disruption/Chaos

Answer 9

Spreading malware or launching cyberattacks to create chaos

Question 10

War

Answer 10

Cyber warfare to disrupt a country’s infrastructure, compromise national security, or cause economic damage

Question 11

Internal vs. External Threat Actors

Answer 11

Internal threats: originate from within the organization
external threats: come from outside

Question 12

Unskilled Attackers

Answer 12

Limited technical expertise, using readily available tools

Question 13

Hacktivists

Answer 13

Motivated by ideological beliefs, using cyber techniques to promote causes

Question 14

Organized Crime

Answer 14

Sophisticated groups executing cyberattacks for financial gain

Question 15

Nation-state Actor

Answer 15

Government-sponsored, highly skilled attackers conducting cyber espionage or warfare

Question 16

Insider Threats

Answer 16

Security threats from within the organization, potentially from disgruntled employees

Question 17

Shadow IT

Answer 17

IT systems, devices, software, or services managed without explicit organizational approval

Question 18

Message-based Attacks

Answer 18

Delivered via email, SMS, or instant messaging, often involving phishing

Question 19

Image-based attacks

Answer 19

Malicious code embedded in image files

Question 20

File-based attacks

Answer 20

Malicious files disguised as legitimate documents or software

Question 21

Voice Calls attacks

Answer 21

Vishing attacks using voice calls to extract sensitive information

Question 22

Removable Devices attacks

Answer 22

Baiting tactics involving malware-infected USB drives

Question 23

Unsecured Networks attacks

Answer 23

Exploiting vulnerabilities in wireless, wired, or Bluetooth networks

Question 24

Honeypots

Answer 24

Decoy systems to attract and deceive attackers

Question 25

Honeynets

Answer 25

Network of decoy systems to observe complex attacks

Question 26

Honeyfiles

Answer 26

Decoy files to detect unauthorized access or data breaches

Question 27

Honeytokens

Answer 27

Fake data to alert administrators when accessed or used

Question 28

Tactics, Techniques, and Procedures (TTPs)

Answer 28

Specific methods and behaviors associated with particular threat actors

Question 29

Deceptive and Disruption Technologies

Answer 29

Tools designed to mislead and neutralize attackers