Threats/Risk/Vulnerability Flashcards
(20 cards)
What is a threat?
Any circumstance or event that can negatively impact assets.
Threats can come from various sources, including insider threats and advanced persistent threats (APTs).
Define vulnerability.
A weakness that can be exploited by a threat.
Organizations need to regularly inspect for vulnerabilities within their systems.
What is the primary goal of risk management in organizations?
To protect assets.
Assets can be digital or physical, including personal information and physical items like servers.
List four common strategies used to manage risks.
- Acceptance
- Avoidance
- Transference
- Mitigation
Each strategy has its own approach to handling risk and maintaining business continuity.
What is an insider threat?
Staff members or vendors who abuse their authorized access to obtain data that may harm an organization.
Insider threats can come from current or former employees.
What does APT stand for?
Advanced Persistent Threat.
APTs involve a threat actor maintaining unauthorized access to a system for an extended period.
What is a low-risk asset?
Information that would not harm the organization’s reputation or ongoing operations, and would not cause financial damage if compromised.
This type of asset is generally considered safe from significant threats.
What is a high-risk asset?
Information protected by regulations or laws, which if compromised would have a severe negative impact on an organization’s finances, ongoing operations, or reputation.
High-risk assets require stringent security measures.
Fill in the blank: A _______ is anything that can impact the confidentiality, integrity, or availability of an asset.
risk
What is ransomware?
A malicious attack where threat actors encrypt an organization’s data and demand payment to restore access.
Ransomware attacks can lead to significant financial losses and operational disruptions.
What are the three layers of the web?
- Surface web
- Deep web
- Dark web
Each layer has different accessibility and content types.
What is external risk?
Anything outside the organization that has the potential to harm organizational assets.
Examples include threat actors attempting to gain access to private information.
What is internal risk?
A current or former employee, vendor, or trusted partner who poses a security risk.
Internal risks can often be more challenging to detect.
What is the significance of legacy systems in risk management?
Old systems that might not be accounted for or updated can still impact assets.
Examples include outdated workstations or old mainframe systems.
Fill in the blank: _______ is a technique that exploits human error to gain private information.
social engineering
What is the OWASP Top Ten?
A standard awareness document about the top 10 most critical security risks to web applications, updated regularly.
It emphasizes the importance of staying current with the evolving cybersecurity landscape.
What is a common vulnerability related to Microsoft Exchange servers?
ProxyLogon.
This vulnerability allows a threat actor to deploy malicious code from a remote location.
What does ZeroLogon affect?
Microsoft’s Netlogon authentication protocol.
It is a vulnerability that can compromise user identity verification.
What is a common consequence of insufficient logging and monitoring?
Attackers exploiting vulnerabilities without the organization knowing it.
Effective logging is crucial for identifying and addressing security incidents.
What is server-side request forgery?
A vulnerability that allows attackers to manipulate a server-side application into accessing and updating backend resources.
This can also lead to data theft.