29 Questions
What is the term used to describe an individual or group that poses a threat to cybersecurity?
Cyber threat actor
What is the primary motivation of black hat hackers?
Financial gain
What is the attack vector in a cyber attack?
The path and tool used by a malicious threat actor to intrude a computer system
What is a characteristic of black hat organizations?
They have call centers to make outbound calls
What do black hat hackers sometimes try to convince victims to do?
Allow remote access to their computers
What is a way to categorize threat actors?
By their motivation, type of attack, and targeted sector
What is the primary objective of penetration testing?
To identify vulnerabilities and weaknesses in an organization's defenses
What is the purpose of reconnaissance and research in penetration testing?
To identify ways to legally bypass security controls and mechanisms
What do white hat hackers create to distract cybercriminals?
Honeypots
What is the purpose of a honeypot?
To mimic a target for hackers and gain information about cybercriminals
What do gray hat hackers often do?
Look for vulnerabilities in a system without the owner's permission
What do gray hat hackers sometimes do after finding issues?
Report the issues to the owner for a small fee
What is the purpose of Nmap's port scan?
To determine which services a host is running
What is theHarvester used for?
To gather open-source intelligence (OSINT) for a particular domain or company
What is the purpose of the nslookup command?
To query internet domain name servers
What is the main goal of service discovery?
To determine which services each host is running
What is Nmap Netstat used for?
To show the state of TCP/UDP ports on the local machine
What does Dnsenum do?
Packages a number of DNS tests into a single query
What is a primary goal of an attacker using a rootkit?
To gain remote control and administration-level access over a system
Why are IoT attacks becoming more popular?
Due to the rapid growth of IoT devices and low priority given to embedded security
What is a common result of a rootkit attack?
Data theft
What type of access can an attacker gain using a rootkit?
Administration-level access
What is a common target of IoT attacks?
Low-security devices
What is the primary goal of threat hunting in a network?
To proactively search for undetected cyber threats
What is the primary purpose of a penetration testing process?
To test the efficiency of security measures in place
What is the role of the red team in a red team/blue team exercise?
To try to attack an organization's cybersecurity defenses
What is the main difference between social engineering and technical hacking?
Social engineering uses human nature, while technical hacking uses technical skills
What is the final phase of the penetration testing process?
Final analysis and report
What is the primary goal of a blue team in a red team/blue team exercise?
To defend against and respond to the red team's attack
Test your knowledge of cyber threat actors, including their motivations, types of attacks, and targeted sectors. Learn about the paths and tools used to intrude computer systems and more.
Make Your Own Quizzes and Flashcards
Convert your notes into interactive study material.
Get started for free
