Certified Cybersecurity Technician Exam 212-82 PDF
Document Details
Uploaded by barrejamesteacher
null
EC-Council
Tags
Related
- Certified Cybersecurity Technician Information Security Threats and Vulnerabilities PDF
- Certified Cybersecurity Technician Information Security Threats And Vulnerabilities PDF
- Certified Cybersecurity Technician Module 01 PDF
- Information Security and Management PDF
- Legal and Privacy Issues in Information Security PDF (Chapter 1)
- Introduction To Information Security Terminology PDF
Summary
This document describes cybersecurity threats, including their sources, actors, malware, and vulnerabilities. Security professionals need to understand these to handle and tackle evolving threats effectively.
Full Transcript
Certified Cybersecurity Technician Information Security Threats and Vulnerabilities Module Exam 212-82 Flow Define Threats Sources Define Threat Actors/ Agents Define Malware and its Types @ Define Vulnerabilities Understand Diffexrent Types of Vulnerabilities Copyright © by EC-{ L. All Rights Reser...
Certified Cybersecurity Technician Information Security Threats and Vulnerabilities Module Exam 212-82 Flow Define Threats Sources Define Threat Actors/ Agents Define Malware and its Types @ Define Vulnerabilities Understand Diffexrent Types of Vulnerabilities Copyright © by EC-{ L. All Rights Reserved. Reproduction is Strictly Prohibited. Define Threats Sources The security professionals need to understand the threat and threat sources to easily tackle and handle the evolving threats, their TTPs, and actors. This section discusses the threat, and threat sources. Module 01 Page 5 Certified Cybersecurity Technician Copyright © by EG-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Information Security Threats and Vulnerabilities Exam 212-82 What is a Threat? = A threatis the potential occurrence of an undesirable event that can eventually damage and disrupt the operational and functional activities of an organization Attackers use cyber threats to infiltrate and steal data such as individual’s personal information, financial information, and login credentials Copyright © by EC-Councll. All Rights Reserved. Reproduction ks Strictly Prohibited. What is a Threat? A threat is the potential occurrence of an undesirable event that can eventually damage and disrupt the operational and functional activities of an organization. A threat can be any type of entity or action performed on physical or intangible assets that can disrupt security. The existence of threats may be accidental, intentional, or due to the impact of another action. Attackers use cyber threats to infiltrate and steal data such as personal information, financial information, and login credentials. They can also use a compromised system to perform malicious activities and launch further attacks. The criticality of a threat is based on how much damage it can cause, how uncontrollable it is, or the level of complexity in identifying the latest discovered integrity, threat incident or availability in advance. (CIA) of data. Threats They to data also result assets cause in data loss, loss of confidentiality, identity theft, cyber sabotage, and information disclosure. Examples of Threats = An attacker stealing sensitive data of an organization * An attacker causing a server to shut down = An attacker tricking an employee into revealing sensitive information = An attacker infecting a system with malware = An attacker spoofing the identity of an authorized person to gain access = An attacker modifying or tampering with the data transferred over a network = An attacker remotely altering the data in a database server = An attacker performing URL redirection or URL forwarding Module 01 Page 6 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Information Security Threats and Vulnerabilities Exam 212-82 * An attacker performing privilege escalation for unauthorized access » An attacker executing denial-of-service (DoS) attacks for making resources unavailable * An attacker eavesdropping on a communication channel without authorized access Module 01 Page 7 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited.