Operational Concepts
Insider threat
What is malicious software designed to harm or exploit systems?
Malware
Actions on the Objective
What is the term for the process of detecting, containing, and recovering from attacks?
Incident Response
What is using multiple verification methods called?
MFA
What is a highly skilled, persistent adversary targeting specific entities over time?
APT
What is an exploit for an unknown/unpatched vulnerability?
Zero-day Exploit
What stage takes advantage of a vulnerability?
Exploitation
What is the term for dividing networks to limit the spread of attacks?
Network Segmentation
What is it called when someone attempts to crack a password by guessing passwords repeatedly?
Brute Force
What are patterns of behavior used by threat actors during operations?
TTPs
What is the system attackers use to remotely control compromised machines?
C2
What stage includes moving within a network?
Lateral Movement
What is the term for monitoring endpoints for threats and response actions?
EDR
What is a hidden access point to a system called?
Backdoor
What are actions taken to achieve objectives in or through cyberspace (offense, defense, or intelligence)?
Cyber Operations
What is a network of infected devices controlled by an attacker?
Botnet
Which stage includes establishing malware presence?
Installation
What is it called when a system administrator trusts nothing and continuously verifies users and devices connecting to the network?
Zero Trust
What is it called when a hacker uses stolen credentials across systems?
Credential Stuffing
What are deceptive messages to trick users into revealing information?
Phishing
What stage includes the gathering of target information?
Reconnaissance
Pen Testing
What is it called when you verify your identity?
Authentication