CompTIA Security+ (SY0-701) Threat Actors E

CalmYellow

34 Questions

What are the motivations of threat actors?

To promote financial gain and revenge

What are the attributes that differentiate internal and external threat actors?

Difference in level of sophistication and limited technical expertise

What distinguishes hacktivists from organized crime threat actors?

Driven by financial gain vs. driven by political ideologies

What is the 'how' of an attack referred to as?

Threat vector

Which type of threat vector involves embedding malicious code inside of an image file?

Image-based threat vector

What is the technique where an attacker leaves a malware-infected USB drive in a location for a target to find called?

Baiting

What is a decoy system or network set up to attract potential hackers called?

Honeypots

Which technology is designed to mislead, confuse, and divert attackers from critical assets while simultaneously detecting and neutralizing threats?

Deceptive and Disruption Technologies

What is introduced into a system's DNS server to mislead attackers?

Bogus DNS entries

What is the set of vulnerabilities in Bluetooth technology that can allow an attacker to take over devices or spread malware?

BlueBorne

What type of Denial of Service attack targets Bluetooth-enabled devices by sending specially crafted packets?

BlueSmack

Which security mechanism keeps specific services or ports on a network device closed until a specific outbound traffic pattern is detected?

Port Triggering

What type of fake data is sent out when a system detects a network scan attempted by an attacker?

Spoofing fake telemetry data

Which technique involves placing fake folders and files within a system's storage to mislead attackers?

Decoy directories

Which term refers to specific methods and patterns of activities associated with a particular threat actor or group of threat actors?

Tactics, Techniques, and Procedures (TTPs)

What type of cyber attackers are sponsored by governments for cyber espionage or warfare?

Nation-state actors

Which type of threat refers to IT systems, devices, software, or services managed without explicit organizational approval?

Shadow IT

What is the distinction between the intent of the attack and the motivation driving it?

Intent is to cause damage, motivation is for financial gain

Which term refers to individuals or entities within an organization posing a security risk?

Internal threat actors

What do 'script kiddies' rely on to exploit computer systems and networks?

Pre-made software or scripts

What do hacktivists use their technical skills for?

Promote a cause or drive social change

What are some common attack surfaces?

Message-based attacks, image-based attacks, file-based attacks

Which technologies can be used to deceive and detect attackers?

Honeypots, honeynets, honeyfiles, honeytokens

"Hiding their identity, disguising their intentions, and using false information or decoy systems" are examples of which tactics employed by threat actors?

Deception tactics

What can organizations implement to protect against cyber threats?

Firewalls, antivirus software, intrusion detection systems

What can incident response plans help organizations do in the event of a cyber attack?

All of the above

Which type of cyber threat group is motivated by long-term strategic goals and may conduct false flag attacks?

Nation-state actors

What type of architecture mitigates the risk of insider threats by employing robust access controls and regular audits?

Zero-trust architecture

Which type of cyber threat group is involved in high-profile attacks and targets organizations perceived as acting unethically or against public interest?

Anonymous

What is the use of IT systems, devices, software, applications, and services without organizational approval known as?

Shadow IT

Which type of cyber threat group engages in a variety of illicit activities for financial gain, using custom malware, ransomware, and phishing campaigns?

Organized cybercrime groups

What type of cybersecurity threat originates from within an organization and may take forms such as data theft, sabotage, or misuse of access privileges?

Insider threat

What encompasses all points where an unauthorized user can attempt to enter or extract data?

Threat vectors and attack surfaces

Which group is sponsored by a government to conduct cyber operations against other entities?

Nation-state actors

Study Notes

  • Anonymous: a loosely affiliated hacktivist group involved in high-profile attacks, targeting organizations perceived as acting unethically or against public interest
  • Organized cybercrime groups: well-structured, sophisticated, possess advanced technical capabilities, engage in a variety of illicit activities for financial gain, use custom malware, ransomware, and phishing campaigns
  • Nation-state actors: groups or individuals sponsored by a government to conduct cyber operations against other entities, motivated by long-term strategic goals, may conduct false flag attacks, employ advanced technical skills and extensive resources
  • Insider threats: cybersecurity threats originating from within an organization, with varying capabilities, may take forms such as data theft, sabotage, or misuse of access privileges, driven by financial gain, revenge, or carelessness
  • Zero-trust architecture: mitigates the risk of insider threats, includes employing robust access controls, conducting regular audits, and providing effective employee security awareness programs
  • Shadow IT: use of IT systems, devices, software, applications, and services without organizational approval, exists due to high security posture or complexities affecting business operations, includes Bring Your Own Devices (BYOD)
  • Threat vectors and attack surfaces: means by which attackers gain unauthorized access to deliver malicious payloads or carry out unwanted actions, encompasses all points where an unauthorized user can attempt to enter or extract data, can be minimized by restricting access.

Prepare for the CompTIA Security+ (SY0-701) exam with study notes on hacktivist and organized cybercrime groups. Learn about Anonymous, a well-known hacktivist collective, and organized cybercrime groups involved in digital criminal activities.
