Uploaded by Jackthan2710

CompTIA Note

Chapter 2
A vulnerability is a weakness that could be triggered accidentally or exploited intentionally to cause a security
breach. (Asset Value # Ease of exploit)
A threat is the potential for someone or something to exploit a vulnerability and breach security. A threat
may be intentional or unintentional.
(Internal/external, malicious/accidental)
Risk is the likelihood and impact (or consequence) of a threat actor exploiting a vulnerability.
The term Advanced Persistent Threat (APT) was coined to understand the behavior underpinning modern types of
cyber adversaries.
State actors have been implicated in many attacks, particularly on energy and health network systems.
A criminal syndicate can operate across the Internet from different jurisdictions than its victim, increasing the
complexity of prosecution.
Insider threats can be categorized as unintentional.
An attack vector is the path that a threat actor uses to gain access to a secure system.
1. Direct access - this is a type of physical or local attack
2. Removable media—the attacker conceals malware on a USB thumb drive
3. Email—the attacker sends a malicious file attachment via email
4. Remote and wireless—
5. Supply chain
6. Web and social media
Chapter 2B
Threat intelligence sources
1. Dark web—sites, content, and services accessible only over a dark net
2. Open source intelligence (OSINT)—some companies operate threat intelligence services on an
open-source basis
3. Closed/proprietary—the threat research and CTI data is made available as a paid subscription to a
commercial threat intelligence platform
4. Automated Indicator Sharing (AIS) is a service offered by the Department of Homeland Security (DHS) for
companies to participate in threat intelligence sharing
5. Indicators of compromise
6.
Automated indicator sharing (AIS) - service offered by the Department of Homeland Security (DHS)
A) Structured Threat Information eXpression (STIX) - file of information; this part of the framework describes
standard terminology for IoCs
B) Trusted Automated eXchange of Indicator Information (TAXII) - the protocol provides a means for
transmitting CTI data between servers and clients.
An indicator of compromise (IoC) is a residual sign that an asset or network has been successfully attacked or is
continuing to be attacked.
A tactic, technique, or procedure (TTP) is a generalized statement of adversary behavior.
A threat map is an animated graphic showing the source, target, and type of attacks that have been
detected by a CTI platform.
File/Code Repositories
Chapter 3