CyberRookie CSX Fundamentals - Section 6: Security Implications and adoption of evolving technology
1 view 0 purchase
Course
CyberRookie CSX Fundamentals
Institution
Western Governors University
Book
Great Jobs for Computer Science Majors 2nd Ed.
A threat landscape or threat environment Correct Answer: is a collection of threats.
The cybersecurity threat landscape is Correct Answer: constantly changing and evolving as new technologies are developed and cyberattacks and tools become more sophisticated
Corporations are becoming increa...
cyberrookie csx fundamentals section 6 security implications and adoption of evolving technology
Connected book
Book Title:
Author(s):
Edition:
ISBN:
Edition:
Written for
Western Governors University
CyberRookie CSX Fundamentals
All documents for this subject (4)
Seller
Follow
Classroom
Reviews received
Content preview
CyberRookie CSX Fundamentals - Section 6: Security
Implications and adoption of evolving technology
A threat landscape or threat environment Correct Answer: is a collection of threats.
The cybersecurity threat landscape is Correct Answer: constantly changing and evolving as new
technologies are developed and cyberattacks and tools become more sophisticated
Corporations are becoming increasingly dependent on Correct Answer: digital technologies that
can be susceptible to cyber security risk
Cloud computing, social media, and mobile computing are Correct Answer: changing how
organizations use and share information. They provide increased levels of access and
connectivity, which create larger openings for cybercrime.
Cybercriminals are usually motivated by one or more of the following: Correct Answer:
Financial gains, Intellectual property (espionage), Politics (hacktivism)
Recent trends in the cyberthreat landscape include Correct Answer: Threat agents are more
sophisticated, Attack patterns are now being applied to mobile devices, Multiple nation states
have the capabilities to infiltrate government and private targets, Cloud computing targets, Social
networks, data as an asset allows for the potential for big data breaches.
Advanced persistent threats (APTs) Correct Answer: are relatively new phenomena for many
organizations
Although the motives behind Advanced persistent threats are not entirely new Correct Answer:
the degree of planning, resources employed and techniques used in APT attacks are
unprecedented
These threats demand a degree of vigilance and a set of countermeasures that Correct Answer:
are above and beyond those routinely used to counter everyday security threats from computer
hackers,
viruses or spammers.
Many experts regard APTs as Correct Answer: nothing new or, simply the latest evolution in
attack techniques that have been developing over many years, the term is misleading, pointing
out that many attacks classed as APTs are not especially clever or novel.
An APT is Correct Answer: a targeted threat that is composed of various complex attack vectors
and can remain undetected for an extended
period of time.
It is a specifically targeted and sophisticated attack that Correct Answer: keeps coming after the
victim
,An example of an APT is Correct Answer: spear phishing, where social engineering techniques
are used to masquerade as a trusted party to obtain important information such as passwords
from the victim
But most APT attacks originate from Correct Answer: more sinister sources
APTs are often the work of Correct Answer: professional teams employed by organized crime
groups, determined activists or governments. This means they are likely to be well-planned,
sophisticated, well-resourced and potentially more damaging
APT attacks vary significantly in their approach; however, they share the following
characteristics Correct Answer: Well-researched, Sophisticated, Stealthy, Persistent
Well-researched APT attacks Correct Answer: APT agents thoroughly research their targets,
plan their use of resources and anticipate countermeasures.
Sophisticated APT attacks Correct Answer: APT attacks are often designed to exploit multiple
vulnerabilities in a single attack. They employ an extensive framework of attack modules
designed for executing automated tasks and targeting multiple platforms.
Stealthy APT attacks Correct Answer: APT attacks often go undetected for months and
sometimes years. They are unannounced and disguise themselves using obfuscation techniques
or hide in out-of-reach places.
Persistent APT attacks Correct Answer: APT attacks are long-term projects with a focus on
reconnaissance. If one attack is successfully blocked, the perpetrators respond with new attacks.
And, they are always looking for methods or information to launch future attacks.
APTs target companies of all Correct Answer: sizes across all sectors of industry and all
geographic regions that contain high value assets.
Staff of all levels of seniority, ranging from administrative assistants to chief executives Correct
Answer: can be selected as a target for a spear-phishing attack
Small companies and contractors might Correct Answer: be penetrated because they are a
supplier of services to a targeted victim
Individuals might be selected if Correct Answer: they are perceived to be a potential stepping
stone to help gain access to the ultimate target.
No industry with valuable secrets or other sources of commercial advantage that can be copied or
undermined
through espionage is Correct Answer: safe from an APT attack
No enterprise that controls money transfers, processes
, credit card data or stores personally identifiable data on individuals can be Correct Answer:
sheltered from criminal attacks
no industry that supplies or supports critical national infrastructure Correct Answer: is immune
from an intrusion by cyberwarriors.
APT attacks often encompass Correct Answer: third-party organizations delivering services to
targeted enterprises
Third party suppliers can be perceived by Correct Answer: an attacker as the weakest link of
large companies and government departments because they are generally less well protected.
No matter how effective a company's external
perimeter security might be Correct Answer: it can be of limited value unless extended across its
supply chain
Threat from Intelligence agencies Correct Answer: seek Political, defense or commercial trade
secrets and impact is Loss of trade secrets or commercial, competitive
advantage
Threat from Criminal groups Correct Answer: seek Money transfers, extortion opportunities,
personal identity information or any secrets for potential onward sale and impact is Financial
loss, large-scale customer data breach or loss of trade secrets
Threat from Terrorist groups Correct Answer: seek Production of widespread terror through
death, destruction and disruption and impact is Loss of production and services, stock market
irregularities, and
potential risk to human life
Threat from Activist groups Correct Answer: seek Confidential information or disruption of
services and impact is Major data breach or loss of service
Threat from Armed forces Correct Answer: seek Intelligence or positioning to support future
attacks on critical national infrastructure and impact is Serious damage to facilities in the event
of a military conflict
Even though no two APT attacks are exactly alike Correct Answer: they often follow a similar
life cycle
APTs start with Correct Answer: intelligence gathering, which includes selecting and
researching their target, planning the attack and collecting
and analyzing data from an initial penetration
After intelligence gathering happens in an APT Correct Answer: The attacker then establishes
command and control, collecting targeted information. That information is then exfiltrated to the
attacker's location to be disseminated or
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller Classroom. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $12.49. You're not tied to anything after your purchase.
