Threat Actors

Question 1

Threat actor intent

Answer 1

Specific objective or goal that a threat actor is aiming to achieve through
their attack

Question 2

Threat actor motivation

Answer 2

Underlying reasons or driving forces that pushes a threat actor to carry
out their attack

Question 3

Possible threat actor motivations

Answer 3

1. Data exfiltration
2. Financial gain
3. Blackmail
4. Service disruption
5. Philosophical or political beliefs (hacktivism)
6. Ehtical reasons
7. Revenge
8. Disruption or chaos
9. Espionage
10. Cyber warfare

Question 4

Internal threat actors

Answer 4

Individuals or entities within an organization who pose a threat to its
security

Question 5

External threat actors

Answer 5

Individuals or groups outside an organization who attempt to breach its
cybersecurity defenses

Question 6

Unskilled attackers

Answer 6

Individual who lacks the technical knowledge to develop their own hacking tools or exploits

Question 7

Hacktivists

Answer 7

Individuals or groups that use their technical skills to promote a cause or drive
social change instead of for personal gain

Question 8

Organized crime

Answer 8

Organized cybercrime groups are groups or syndicates that have banded together to
conduct criminal activities in the digital world
- Sophisticated and well structured
- Use resources and technical skills for illicit gain

Question 9

Nation-state Actor

Answer 9

Groups or individuals that are sponsored by a government to conduct cyber
operations against other nations, organizations, or individuals

Question 10

APT

Answer 10

Advanced Persistent Threat
Often nation states or sponsored by nation states. Highly skilled and sophisticated.

Question 11

Insider Threats

Answer 11

Cybersecurity threats that originate from within the organization

Question 12

Shadow IT

Answer 12

Use of information technology systems, devices, software, applications, and
services without explicit organizational approval

IT-related projects that are managed outside of, and without the knowledge of,
the IT department

Question 13

Threat Vector

Answer 13

Means or pathway by which an attacker can gain unauthorized access to a
computer or network to deliver a malicious payload or carry out an unwanted
action

Question 14

Attack Surface

Answer 14

Encompasses all the various points where an unauthorized user can try to enter
data to or extract data from an environment

Question 15

TTPs

Answer 15

Tactics, Techniques and Procedures

Specific methods and patterns of activities or behaviors associated with a
particular threat actor or group of threat actors

Question 16

Honeypot

Answer 16

Decoy system or network set up to attract potential hackers

Question 17

Honeynet

Answer 17

Network of honeypots to create a more complex system that is designed
to mimic an entire network of systems

Question 18

Honeyfiles

Answer 18

Decoy file placed within a system to lure in potential attackers

Question 19

Honeytokens

Answer 19

Piece of data or a resource that has no legitimate value or use but is
monitored for access or use

Question 20

Port Triggering

Answer 20

Security mechanism where specific services or ports on a network
device remain closed until a specific outbound traffic pattern is
detected