This fairly recent vulnerability affecting many Apache applications allowed unauthenticated remote code execution.
What is Log4j
This type of disaster recovery site would require the MOST time to get operations back online.
What is a cold site
As of 2018, this is currently the strongest method of securing Wi-Fi networks.
What is WPA3 (Wireless Protected Access 3)
This is always the first stage of any Incident Response Process
What is the Preparation Phase
This type of document stipulates rules of behavior to be followed by users of computers, networks, and associated resources.
What is an Acceptable Use Policy (AUP)
This Windows scripting tool is commonly used by fileless malware to compromise Windows workstations.
What is PowerShell
A security manager needed to protect a high-security datacenter, so the manager installed an access control vestibule that can detect an employee's heartbeat, weight, and badge. This type of security control was implemented.
What is Physical
This is the concept of having more than one person required to complete a given task.
What is separation of duties
An analyst notices regular traffic between an infected system and a known malicious host on TCP port 6667. This is the type of traffic most likely being detected.
What is Command & Control (C2)
This is a legal contract between the holder of confidential information and another person to whom that information is disclosed prohibiting that other person from disclosing the confidential information to any third party.
What is a Non-Disclosure Agreement (NDA)
This type of attack targets a Chief Executive Officer (or other high-level employee) by sending email messages from unrecognized senders that have suspicious links embedded.
What is Whaling
This is an enclosure, usually consisting of a mesh of conductive material, used to block electromagnetic fields.
What is a Faraday cage
This is an agreement between a service provider and users defining the nature, availability, quality, and scope of the service to be provided.
What is a Statement of Work (SOW)
An analyst discovers that attackers have left software that allows them to have remote access to systems on a computer in their company's network. This is the malware's classification.
What is a RAT?
This compliance standard is used to secure computer systems used to process electronic payments.
What is PCI DSS
A company has recently fired the developer of a key application. After the termination, the critical application that they had written for the organization stopped working and now displays a message reading, "You shouldn't have fired me!" The developer's access was terminated and the organization is sure that they do not have access to any systems or code after they left the organization. This is the type of attack that most likely happened.
What is a logic bomb
This cloud service model allows users the ability to allocate virtualized computing resources, such as processors and memory, over the internet.
What is IaaS
This term refers to an agreement that specifies performance requirements for a vendor.
What is a Service Level Agreement (SLA)
This is the typical malware classification for adware.
What is PUP (potentially unwanted program)
This group is a nonprofit organization promoting best security practices related to cloud computing environments.
What is the Cloud Security Alliance (CSA)
This state-sponsored Russian intelligence group is believed to be behind the 2020 SolarWinds Orion attack.
What is UNC2452 (a.k.a. Dark Halo, Nobelium, SilverFish, StellarParticle)
This is what the acronym "AAA" stands for in cyber security.
What is Authentication, Authorization, and Accounting
The "Run as administrator" option in MS Windows allows users with lower-level permissions to perform tasks reserved for system administrators. This is its equivalent in Linux.
What is sudo
This security framework is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations.
What is MITRE ATT&CK framework
This is the formula for calculating Acceptable Loss Expectancy (ALE).
What is:
ALE (Acceptable Loss Expectancy) = SLE (Single Loss Expectancy) x ARO (Annual Rate of Occurrence)