CyberRookie CSX Fundamentals - Section 6: Security
Implications and adoption of evolving technology
A threat landscape or threat environment Correct Answer: is a collection of threats.
The cybersecurity threat landscape is Correct Answer: constantly changing and evolving as new
technologies are developed and cyberattacks and tools become more sophisticated
Corporations are becoming increasingly dependent on Correct Answer: digital technologies that
can be susceptible to cyber security risk
Cloud computing, social media, and mobile computing are Correct Answer: changing how
organizations use and share information. They provide increased levels of access and
connectivity, which create larger openings for cybercrime.
Cybercriminals are usually motivated by one or more of the following: Correct Answer:
Financial gains, Intellectual property (espionage), Politics (hacktivism)
Recent trends in the cyberthreat landscape include Correct Answer: Threat agents are more
sophisticated, Attack patterns are now being applied to mobile devices, Multiple nation states
have the capabilities to infiltrate government and private targets, Cloud computing targets, Social
networks, data as an asset allows for the potential for big data breaches.
Advanced persistent threats (APTs) Correct Answer: are relatively new phenomena for many
organizations
Although the motives behind Advanced persistent threats are not entirely new Correct Answer:
the degree of planning, resources employed and techniques used in APT attacks are
unprecedented
These threats demand a degree of vigilance and a set of countermeasures that Correct Answer:
are above and beyond those routinely used to counter everyday security threats from computer
hackers,
viruses or spammers.
Many experts regard APTs as Correct Answer: nothing new or, simply the latest evolution in
attack techniques that have been developing over many years, the term is misleading, pointing
out that many attacks classed as APTs are not especially clever or novel.
An APT is Correct Answer: a targeted threat that is composed of various complex attack vectors
and can remain undetected for an extended
period of time.
It is a specifically targeted and sophisticated attack that Correct Answer: keeps coming after the
victim
,An example of an APT is Correct Answer: spear phishing, where social engineering techniques
are used to masquerade as a trusted party to obtain important information such as passwords
from the victim
But most APT attacks originate from Correct Answer: more sinister sources
APTs are often the work of Correct Answer: professional teams employed by organized crime
groups, determined activists or governments. This means they are likely to be well-planned,
sophisticated, well-resourced and potentially more damaging
APT attacks vary significantly in their approach; however, they share the following
characteristics Correct Answer: Well-researched, Sophisticated, Stealthy, Persistent
Well-researched APT attacks Correct Answer: APT agents thoroughly research their targets,
plan their use of resources and anticipate countermeasures.
Sophisticated APT attacks Correct Answer: APT attacks are often designed to exploit multiple
vulnerabilities in a single attack. They employ an extensive framework of attack modules
designed for executing automated tasks and targeting multiple platforms.
Stealthy APT attacks Correct Answer: APT attacks often go undetected for months and
sometimes years. They are unannounced and disguise themselves using obfuscation techniques
or hide in out-of-reach places.
Persistent APT attacks Correct Answer: APT attacks are long-term projects with a focus on
reconnaissance. If one attack is successfully blocked, the perpetrators respond with new attacks.
And, they are always looking for methods or information to launch future attacks.
APTs target companies of all Correct Answer: sizes across all sectors of industry and all
geographic regions that contain high value assets.
Staff of all levels of seniority, ranging from administrative assistants to chief executives Correct
Answer: can be selected as a target for a spear-phishing attack
Small companies and contractors might Correct Answer: be penetrated because they are a
supplier of services to a targeted victim
Individuals might be selected if Correct Answer: they are perceived to be a potential stepping
stone to help gain access to the ultimate target.
No industry with valuable secrets or other sources of commercial advantage that can be copied or
undermined
through espionage is Correct Answer: safe from an APT attack
No enterprise that controls money transfers, processes
, credit card data or stores personally identifiable data on individuals can be Correct Answer:
sheltered from criminal attacks
no industry that supplies or supports critical national infrastructure Correct Answer: is immune
from an intrusion by cyberwarriors.
APT attacks often encompass Correct Answer: third-party organizations delivering services to
targeted enterprises
Third party suppliers can be perceived by Correct Answer: an attacker as the weakest link of
large companies and government departments because they are generally less well protected.
No matter how effective a company's external
perimeter security might be Correct Answer: it can be of limited value unless extended across its
supply chain
Threat from Intelligence agencies Correct Answer: seek Political, defense or commercial trade
secrets and impact is Loss of trade secrets or commercial, competitive
advantage
Threat from Criminal groups Correct Answer: seek Money transfers, extortion opportunities,
personal identity information or any secrets for potential onward sale and impact is Financial
loss, large-scale customer data breach or loss of trade secrets
Threat from Terrorist groups Correct Answer: seek Production of widespread terror through
death, destruction and disruption and impact is Loss of production and services, stock market
irregularities, and
potential risk to human life
Threat from Activist groups Correct Answer: seek Confidential information or disruption of
services and impact is Major data breach or loss of service
Threat from Armed forces Correct Answer: seek Intelligence or positioning to support future
attacks on critical national infrastructure and impact is Serious damage to facilities in the event
of a military conflict
Even though no two APT attacks are exactly alike Correct Answer: they often follow a similar
life cycle
APTs start with Correct Answer: intelligence gathering, which includes selecting and
researching their target, planning the attack and collecting
and analyzing data from an initial penetration
After intelligence gathering happens in an APT Correct Answer: The attacker then establishes
command and control, collecting targeted information. That information is then exfiltrated to the
attacker's location to be disseminated or
Implications and adoption of evolving technology
A threat landscape or threat environment Correct Answer: is a collection of threats.
The cybersecurity threat landscape is Correct Answer: constantly changing and evolving as new
technologies are developed and cyberattacks and tools become more sophisticated
Corporations are becoming increasingly dependent on Correct Answer: digital technologies that
can be susceptible to cyber security risk
Cloud computing, social media, and mobile computing are Correct Answer: changing how
organizations use and share information. They provide increased levels of access and
connectivity, which create larger openings for cybercrime.
Cybercriminals are usually motivated by one or more of the following: Correct Answer:
Financial gains, Intellectual property (espionage), Politics (hacktivism)
Recent trends in the cyberthreat landscape include Correct Answer: Threat agents are more
sophisticated, Attack patterns are now being applied to mobile devices, Multiple nation states
have the capabilities to infiltrate government and private targets, Cloud computing targets, Social
networks, data as an asset allows for the potential for big data breaches.
Advanced persistent threats (APTs) Correct Answer: are relatively new phenomena for many
organizations
Although the motives behind Advanced persistent threats are not entirely new Correct Answer:
the degree of planning, resources employed and techniques used in APT attacks are
unprecedented
These threats demand a degree of vigilance and a set of countermeasures that Correct Answer:
are above and beyond those routinely used to counter everyday security threats from computer
hackers,
viruses or spammers.
Many experts regard APTs as Correct Answer: nothing new or, simply the latest evolution in
attack techniques that have been developing over many years, the term is misleading, pointing
out that many attacks classed as APTs are not especially clever or novel.
An APT is Correct Answer: a targeted threat that is composed of various complex attack vectors
and can remain undetected for an extended
period of time.
It is a specifically targeted and sophisticated attack that Correct Answer: keeps coming after the
victim
,An example of an APT is Correct Answer: spear phishing, where social engineering techniques
are used to masquerade as a trusted party to obtain important information such as passwords
from the victim
But most APT attacks originate from Correct Answer: more sinister sources
APTs are often the work of Correct Answer: professional teams employed by organized crime
groups, determined activists or governments. This means they are likely to be well-planned,
sophisticated, well-resourced and potentially more damaging
APT attacks vary significantly in their approach; however, they share the following
characteristics Correct Answer: Well-researched, Sophisticated, Stealthy, Persistent
Well-researched APT attacks Correct Answer: APT agents thoroughly research their targets,
plan their use of resources and anticipate countermeasures.
Sophisticated APT attacks Correct Answer: APT attacks are often designed to exploit multiple
vulnerabilities in a single attack. They employ an extensive framework of attack modules
designed for executing automated tasks and targeting multiple platforms.
Stealthy APT attacks Correct Answer: APT attacks often go undetected for months and
sometimes years. They are unannounced and disguise themselves using obfuscation techniques
or hide in out-of-reach places.
Persistent APT attacks Correct Answer: APT attacks are long-term projects with a focus on
reconnaissance. If one attack is successfully blocked, the perpetrators respond with new attacks.
And, they are always looking for methods or information to launch future attacks.
APTs target companies of all Correct Answer: sizes across all sectors of industry and all
geographic regions that contain high value assets.
Staff of all levels of seniority, ranging from administrative assistants to chief executives Correct
Answer: can be selected as a target for a spear-phishing attack
Small companies and contractors might Correct Answer: be penetrated because they are a
supplier of services to a targeted victim
Individuals might be selected if Correct Answer: they are perceived to be a potential stepping
stone to help gain access to the ultimate target.
No industry with valuable secrets or other sources of commercial advantage that can be copied or
undermined
through espionage is Correct Answer: safe from an APT attack
No enterprise that controls money transfers, processes
, credit card data or stores personally identifiable data on individuals can be Correct Answer:
sheltered from criminal attacks
no industry that supplies or supports critical national infrastructure Correct Answer: is immune
from an intrusion by cyberwarriors.
APT attacks often encompass Correct Answer: third-party organizations delivering services to
targeted enterprises
Third party suppliers can be perceived by Correct Answer: an attacker as the weakest link of
large companies and government departments because they are generally less well protected.
No matter how effective a company's external
perimeter security might be Correct Answer: it can be of limited value unless extended across its
supply chain
Threat from Intelligence agencies Correct Answer: seek Political, defense or commercial trade
secrets and impact is Loss of trade secrets or commercial, competitive
advantage
Threat from Criminal groups Correct Answer: seek Money transfers, extortion opportunities,
personal identity information or any secrets for potential onward sale and impact is Financial
loss, large-scale customer data breach or loss of trade secrets
Threat from Terrorist groups Correct Answer: seek Production of widespread terror through
death, destruction and disruption and impact is Loss of production and services, stock market
irregularities, and
potential risk to human life
Threat from Activist groups Correct Answer: seek Confidential information or disruption of
services and impact is Major data breach or loss of service
Threat from Armed forces Correct Answer: seek Intelligence or positioning to support future
attacks on critical national infrastructure and impact is Serious damage to facilities in the event
of a military conflict
Even though no two APT attacks are exactly alike Correct Answer: they often follow a similar
life cycle
APTs start with Correct Answer: intelligence gathering, which includes selecting and
researching their target, planning the attack and collecting
and analyzing data from an initial penetration
After intelligence gathering happens in an APT Correct Answer: The attacker then establishes
command and control, collecting targeted information. That information is then exfiltrated to the
attacker's location to be disseminated or
