1_5_1 Section 1 – Attacks, Threats, and Vulnerabilities - 1.5 – Threat Actors and Vectors - Threat Actors

Questions and Answers

Who are the insiders that have a lot of control and reign over what they can do inside of a network?

Nation states

Script Kiddies

Hacktivists

Employers or contractors (correct)

What is the advantage that an insider has over an external attacker?

They are more skilled

They are more motivated

They have more resources

They know the internal network and systems (correct)

What is a nation state in the context of threat actors?

A type of malware

A government entity (correct)

A group of hackers

A group of activists

What is the goal of a hacktivist?

To send a political or social message

What is a Script Kiddie?

Someone who uses simple scripts to gain access

What motivates a Script Kiddie?

To prove their skills

What is organized crime in the context of threat actors?

A set of professional criminals

What is an example of a nation state being a threat entity?

The United States and Israel team together

What is the goal of a nation state entity?

To gain access to equipment or destroy it

What is the difference between a hacktivist and a Script Kiddie?

One is focused on a single message, the other is not

What motivates most threat actors who engage in hacking?

To gain financial benefits

What is the structure of a threat actor group like?

Similar to a normal business with different roles

What is the definition of a hacker?

An expert with technology, regardless of intentions

What is the role of an ethical hacker?

To find vulnerabilities and help resolve them

Who is a semi-authorized hacker?

A hacker who is looking for vulnerabilities but doesn't act on them

What is a shadow IT department?

A separate IT entity that bypasses the IT department

What is a disadvantage of having a shadow IT department?

May lead to compliance issues and security risks

What is a motivation for competitors to engage in hacking?

To cause harm to their competitors

What is a characteristic of a threat actor who engages in hacking for financial gain?

They usually have significant financial resources

What is the goal of a threat actor who engages in espionage?

To gain access to sensitive information

What is the primary goal of a threat actor?

To gain unauthorized access to a network

What is an Advanced Persistent Threat (APT)?

A threat that can get into a network and remain undetected for a long time

What is the average time it takes for threat actors to be detected in North and South America?

71 days

Which of the following is a characteristic of a threat actor who has infiltrated a network?

They are able to remain undetected for a long time

Why are insiders who are threat actors particularly dangerous?

They have already infiltrated the network

What is the general term used to describe an entity responsible for an event that has an impact on the safety of another entity?

Threat actor

What is the primary advantage of an insider threat actor over an external attacker?

They have knowledge of the network's design and security tools

What is the primary goal of a hacktivist?

To send a political or social message

What is the characteristic of a Script Kiddie?

They use simple scripts to gain access to networks

What is the primary characteristic of an organized crime group?

They are a group of professional criminals

What is the primary goal of a nation state entity?

National security

What is the advantage of a nation state entity over other threat actors?

They have access to highly skilled technologists and security experts

What is the primary motivation of a Script Kiddie?

To brag about their hacking abilities

What is the primary difference between a hacktivist and a Script Kiddie?

Their motivation

What is a common characteristic of a threat actor group that engages in hacking for financial gain?

They are structured like a typical business with different roles.

What is the primary characteristic of an insider threat actor?

They have a lot of control and reign over what they can do inside of the network

What is the primary goal of a malicious hacker?

To gain access to a network and cause mayhem.

What is the primary goal of an organized crime group in the context of hacking?

To Financial gain

What is a potential risk of creating a shadow IT department?

It can create security risks and compliance issues.

What motivates a competitor to engage in hacking against a business?

A desire to gain a competitive advantage.

What is the primary difference between an ethical hacker and a malicious hacker?

The permission they have to hack.

What is a characteristic of a semi-authorized hacker?

They look for vulnerabilities without taking advantage of them.

What is the benefit of having an ethical hacker?

They can help improve security and find weak points.

What is the typical structure of a threat actor group that engages in hacking for financial gain?

A structured organization with different roles.

What is a potential consequence of having a shadow IT department?

Internal infighting and dysfunction.

What is the motivation of a threat actor who engages in hacking for financial gain?

A desire to make a financial gain.

What is the primary goal of an advanced persistent threat (APT)?

To gain persistent access to sensitive data inside a network

What is the term used to describe an entity responsible for an event that has an impact on the safety of another entity?

Threat actor

According to a FireEye report, what is the average time it takes to detect an undetected attacker in North and South America?

71 days

What is the primary characteristic of an advanced threat?

It is a targeted attack that uses advanced techniques

Which type of threat actor is considered particularly dangerous?

Insider threats

What is the primary motivation of a threat actor?

To gain financial benefits