Models and Types of Cyber Threats Overview

Questions and Answers

What is the primary characteristic of an Advanced Persistent Threat (APT) attack?

• It is an attack primarily carried out by novice hackers.
• It is a stealthy, prolonged attack orchestrated by skilled hackers for specific goals. (correct)
• It is a loud and obvious attack that is easily detected.
• It is a quick attack lasting only a few minutes.

Which organizations are prime targets for Advanced Persistent Threats (APTs)?

• Schools and small businesses
• Non-profit organizations
• Governments, corporations, or institutions with valuable data (correct)
• Individuals running personal websites

Why is early detection crucial in mitigating Advanced Persistent Threats (APTs)?

• To escalate the situation further
• To prevent extensive damage and stop the attackers' progress (correct)
• To study the attackers' methods
• To let the attackers cause extensive damage

What are some signs of insider threats to watch for?

Sudden changes in behavior or unauthorized data access (C)

Which of the following is NOT considered an emerging threat as mentioned in the text?

Legacy systems security (A)

How can organizations prepare for future threats according to the text?

By consistently updating software, implementing encryption, and adopting AI-driven defenses (D)

What is the primary goal of social engineers?

To gain trust by pretending to be someone else (C)

What is a common method used in phishing attacks?

Sending fake emails that ask for passwords or financial information (B)

How can malware be spread to devices?

Through email attachments, infected websites, or vulnerable software (D)

What is the impact of a Denial of Service (DoS) attack?

Websites become slow or unavailable during an attack (D)

How do attackers use malware to disrupt devices?

By stealing sensitive data or turning devices into botnets (B)

Which cyber attack involves tricking individuals into revealing sensitive information?

Phishing (A)

What is the purpose of cyber threat modeling?

To create a map of potential dangers in systems (C)

Which model helps in understanding different types of threats like Spoofing and Denial of Service?

STRIDE Model (D)

What is the focus of the DREAD model?

Rating the severity of a threat (A)

How does social engineering work as a cyber threat?

By manipulating people into giving up sensitive information (C)

What does the STRIDE model help in preventing?

Denial of Service attacks (B)

Why is it important to understand cyber threats?

To know where vulnerabilities exist and how to protect against them (A)