Linux commands
Vulnerability scanners
Acronyms
Threat Actor Types
Misc
100

Command that searches inside a file for text matching a given parameter

Grep

100

Exceptionally versatile command-line assessment tool

Nmap

100

Non-profit organization that helps web developers secure their apps

OWASP (Open Web App Security Project)

100

Uses cyber weapons to promote a political or religious agenda

Hacktivist

100

Device that combines traditional filtering with IDS, IPS, SSL inspection, and malware detection

Hint: NOT a UTM

NGFW (Next Generation Firewall)

200

Command that displays only the first 10 lines of the specified file

Head

200

GUI tool associated with Nmap

Zenmap

200

Publicly available information used to understand threat actor tactics and techniques

OSINT (Open Source Intelligence)

200

Threat actors whose activities lead to increased risk as a result of their privileged access or employment

Insider threat

200

GUI packet capture tool, known for its use of filters

Wireshark

300

Command to change permissions on Linux

Chmod

300

Industry-standard method to display the severity of a vulnerability in layman's terms

CVSS (Common Vulnerability Scoring System)

300

Clue or warning that something MIGHT be amiss

IoC (Indicator of Compromise)

300

Well-funded, highly skilled actors, typically operating as an APT, whose primary interest is espionage

Nation State

300

Command-line packet analysis utility

Tcpdump

400

Command used to download files from websites over the Internet

wget

400

List of requirements agreed upon before performing a vulnerability scan

RoE (Rules of Engagement)

400

A solution that helps organizations detect, analyze, and respond to security threats before they harm business operations

SIEM (Security Information & Event Management)

400

Uses scripts obtained on the dark web

Script Kiddie

400

Security model that requires strict, continuous authentication regardless of where the device or request originates, and treats every request as a potential threat

Zero Trust

500

Command that can create a file, merge files together, and output the contents of a file

Concatenate (cat)

500

Term used when actively gathering information about a device, such as its OS type and version

Fingerprinting

500

Lightweight open-standard web file format used to transport and store data

JSON (JavaScript Object Notation)

500

Threat actor whose cyber activities are usually carried out to fund illicit activities

Organized crime

500

Routing technique that diverts traffic into a honeypot for further analysis

Sinkhole