General Security Concepts
2.1.1 - Threat Actors
General Security Concepts
2.1.1 - Threat Actors
General Security Concepts
2.1.1 - Threat Actors
General Security Concepts
2.1.1 - Threat Actors
General Security Concepts
2.1.1 - Threat Actors
100

________ are individuals with little expertise or knowledge in computer security. They often execute attacks using ready-made tools and are interested in causing chaos or gaining notoriety. Their skill level is considered low, as they rely on pre-existing tools rather than developing their own exploits.

What are -script kiddies-, and what is their typical skill level?

100

_______ _______ & ____  are highly advanced government or military organizations that conduct cyberattacks for intelligence gathering, disrupting enemy nations, and defending their citizens’ rights. They have extensive resources and capabilities, often with the full support of their governments, allowing them to carry out sophisticated exploits.

Describe the characteristics of -nation states and advanced persistent threats (APTs)- in the context of cybersecurity.

100

_________ are primarily driven by Political, commercial, or economic messages. 

What is a -hacktivist-

100

________ are a type of threat actor comes from inside of an organization and has trusted access to information?

What are -Internal threat actors-?

100

_________  are any business or organization that operates within the same domain as another business. For example, both Netflix and Hulu operate within the streaming video business

What are -Competitors-?

100

_______ _______ _________  are primarily motivated by financial gain and power. They engage in activities such as selling data on the dark web, conducting espionage, and interrupting business operations until ransoms are paid. Unlike other groups, their activities are focused on furthering their criminal enterprises

What distinguishes -organized crime groups- in terms of their motivations and activities?

100

_____ ______ hackers engage in malicious activities to cause harm or profit illegally

What are -black hat- (unauthorized user) hackers

100

______ _______ & ____ are group of threat actors  fueled by money and the desire to gain power to continue their influence

What are -Nation States and APT-

100

_______ _______ motivation involves disrupting the normal operation of systems, networks, or services for various reasons

What are -Service disruptions-?

100

A _______ can be defined as anyone who uses technology and its tools to bypass a normal operation to gain access to some system that they are not supposed to have.

What are -Hackers-?

100

_______ _______ are individuals within an organization who exploit their access to expose business secrets or data. They are dangerous because they have insider knowledge of the organization’s weaknesses and can execute attacks with a greater chance of going undetected. They often act out of vengeance or spite due to perceived injustices in the workplace.

What defines -insider threats-, and why are they considered particularly dangerous?

100

_______ ________  hackers identify and fix vulnerabilities with the intent of improving security

What are -white hat- (authorized user) hackers

100

Insider Threats primarily exploit to cause damage within an organization exploiting _______ ________ known within the organization. 

What are -weak points- known within the organization? 

100

_______/______ ______ are the primary motivation for hacktivist groups

What is -Philosophical/political beliefs- ?

100

_________ & __________ can determine how well a threat actor can support their attack on a network eithermonetarily or with the needed equipment and software.

What are -Resources & Funding-?

100

_______ ___  refers to departments or individuals within organizations that circumvent IT department rules to implement their own technologies or security measures. This can lead to security vulnerabilities, as these unauthorized systems may not adhere to organizational security standards or receive proper oversight from IT departments.

Explain the concept of -shadow IT- and its potential impact on organizations.

100

_______ _______ hackers fall between these categories, conducting potentially illegal activities without malicious intent, often for personal amusement or to expose vulnerabilities.

What are -grey hat- (semi-authorized) hackers 

100

________ type of hackers intend to cause damage and harm to their targets. 

What are -black hat- hackers?

100

________ ________ are groups of people who pose a threat to the security of software, data, or an organization’s well-being.

What are -Threat Actors- ?

100

_________ ________  entails stealing sensitive or valuable data for various purposes, such as selling information on the black market, conducting corporate espionage, or obtaining intellectual property.

What is -Data Exfiltration->

100

_________ are typically motivated by political, commercial, or economic ideologies. They use technology to spread their message and disrupt their perceived opponents’ technologies, such as websites and social media profiles. Unlike other groups, their attacks are driven by a cause rather than financial gain

How do -hacktivists- differ from other threat actor groups, and what motivates them?

100

A group of threat actors characterized by novice computer professionals with little expertise or knowledge

What are -script kiddies- ? 

100

_______ ___ work within larger organizations but not following IT department rules

How does -Shadow IT- operate?

100

APT stands for ______ ________ _______ 

What is -Advanced Persistent Threats-? 

100

_________ is the act of gathering intelligence or sensitive information for political, economic, or military advantages

What is -Espionage-?