Cyber Adversary Model: Attack Surfaces, Vectors, and Trees

Questions and Answers

What is the primary goal of an adversary in a security context?

• To assess the integrity of a protocol
• To improve the availability of a system
• To ensure the confidentiality of a system
• To disrupt or prevent proper operation of a secure system (correct)

What is a cyber adversary model used for?

• To respond to a cyber attack
• To assess the risk of a cyber attack
• To categorize types of attackers based on their characteristics (correct)
• To predict the capabilities of an attacker

What are the resources of an adversary referred to?

• The access and objectives of an adversary
• The motivation and intent of an adversary
• The assets and tools available to an adversary (correct)
• The capabilities and risk aversion of an adversary

What are the components of a cyber adversary model based on?

The characteristics of the attacker (A)

What is the purpose of categorizing adversaries based on their characteristics?

To help organizations better anticipate and defend against cyber threats (B)

What is an adversary in the context of security?

An attacker with malicious intent (C)

What are the resources that cyber adversaries can possess to carry out malicious activities?

Hacking tools, financial resources, and malwares (C)

What do the technical skills and expertise of an adversary refer to?

Capabilities (D)

What is the primary goal of an adversary's intent?

To obtain or manipulate specific data within a system (B)

What is an example of a motivation for conducting cyber attacks?

For financial gain (B)

What is the difference between an adversary's intent and motivation?

Intent is the goal, while motivation is the underlying reason (D)

What is an example of an adversary's capability?

The ability to steal data from a device (A)

What is the primary motive behind an attacker's intent to steal private information?

To extort money from the victim (C)

What does risk aversion refer to in the context of cyber attacks?

The level of care an adversary takes in their decisions (C)

What is technical access?

Exploiting a vulnerability (B)

What is the attack surface of an enterprise network?

The sum of all the points where an attacker could attempt unauthorized access (B)

What is the primary goal of implementing Zero-trust Policies in a network?

To require authentication for all users and devices (C)

What is the term used to describe the method that bad actors use to break into or sneak into a network or system?

Attack Vector (C)

What is an example of credential-based access?

Using stolen username and password (D)

Which of the following is NOT an example of an attack vector?

Network Security Solution (A)

What is the difference between intent and motivation in the context of cyber attacks?

Intent is the goal, motivation is the reason for achieving the goal (B)

What is the purpose of an attack tree?

To model the steps needed for a successful attack (A)

What is the result of a successful attack according to the attack tree model?

A complete set of requirements from the nodes at the bottom to those at the top (C)

Why is it important to regularly check for vulnerabilities in a network?

To identify potential entry points for attackers (B)

What is a key benefit of using attack trees in understanding cyber security risk?

Providing a visualization of the problem to develop a deeper understanding of the risk (A)

What do nodes represent in an attack tree?

Any action from an attacker (A)

What is the purpose of the root node in an attack tree?

To represent the core issue being addressed (D)

How is an attack tree built?

By following a series of steps, including identifying the core issue, creating the root node, and adding nodes and branches (C)

What is the goal of the final step in building an attack tree?

To ensure each branch of the tree ends in a leaf node (C)

What is the purpose of an attack tree's branches?

To represent the dependencies between nodes (B)

Flashcards are hidden until you start studying