Cyber Adversary Model: Attack Surfaces, Vectors, and Trees

Questions and Answers

What is the primary goal of an adversary in a security context?

To assess the integrity of a protocol

To improve the availability of a system

To ensure the confidentiality of a system

To disrupt or prevent proper operation of a secure system (correct)

What is a cyber adversary model used for?

To respond to a cyber attack

To assess the risk of a cyber attack

To categorize types of attackers based on their characteristics (correct)

To predict the capabilities of an attacker

What are the resources of an adversary referred to?

The access and objectives of an adversary

The motivation and intent of an adversary

The assets and tools available to an adversary (correct)

The capabilities and risk aversion of an adversary

What are the components of a cyber adversary model based on?

The characteristics of the attacker

What is the purpose of categorizing adversaries based on their characteristics?

To help organizations better anticipate and defend against cyber threats

What is an adversary in the context of security?

An attacker with malicious intent

What are the resources that cyber adversaries can possess to carry out malicious activities?

Hacking tools, financial resources, and malwares

What do the technical skills and expertise of an adversary refer to?

Capabilities

What is the primary goal of an adversary's intent?

To obtain or manipulate specific data within a system

What is an example of a motivation for conducting cyber attacks?

For financial gain

What is the difference between an adversary's intent and motivation?

Intent is the goal, while motivation is the underlying reason

What is an example of an adversary's capability?

The ability to steal data from a device

What is the primary motive behind an attacker's intent to steal private information?

To extort money from the victim

What does risk aversion refer to in the context of cyber attacks?

The level of care an adversary takes in their decisions

What is technical access?

Exploiting a vulnerability

What is the attack surface of an enterprise network?

The sum of all the points where an attacker could attempt unauthorized access

What is the primary goal of implementing Zero-trust Policies in a network?

To require authentication for all users and devices

What is the term used to describe the method that bad actors use to break into or sneak into a network or system?

Attack Vector

What is an example of credential-based access?

Using stolen username and password

Which of the following is NOT an example of an attack vector?

Network Security Solution

What is the difference between intent and motivation in the context of cyber attacks?

Intent is the goal, motivation is the reason for achieving the goal

What is the purpose of an attack tree?

To model the steps needed for a successful attack

What is the result of a successful attack according to the attack tree model?

A complete set of requirements from the nodes at the bottom to those at the top

Why is it important to regularly check for vulnerabilities in a network?

To identify potential entry points for attackers

What is a key benefit of using attack trees in understanding cyber security risk?

Providing a visualization of the problem to develop a deeper understanding of the risk

What do nodes represent in an attack tree?

Any action from an attacker

What is the purpose of the root node in an attack tree?

To represent the core issue being addressed

How is an attack tree built?

By following a series of steps, including identifying the core issue, creating the root node, and adding nodes and branches

What is the goal of the final step in building an attack tree?

To ensure each branch of the tree ends in a leaf node

What is the purpose of an attack tree's branches?

To represent the dependencies between nodes