Threat Management Terms and Concepts Flashcards

AcronymDefinition
What is malware?Malware is any software intentionally designed to cause damage to a computer, server, client, or computer network.
Define phishing.Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers.
What is ransomware?Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid.
What are indicators of compromise (IoCs)?IoCs are pieces of data that indicate a potential breach or malicious activity within a network or system.
Name a common source of threat intelligence.Common sources include open-source intelligence (OSINT), commercial threat intelligence providers, and internal threat data.
Explain threat hunting.Threat hunting is a proactive cybersecurity search through networks and endpoints to find malicious actors that have evaded existing security solutions.
What is vulnerability management?Vulnerability management is the process of identifying, classifying, remediating, and mitigating vulnerabilities.
List the steps in the vulnerability management process.The steps are identification, evaluation, treatment, and reporting.
What is a false positive in threat detection?A false positive occurs when benign activity is incorrectly identified as malicious.
What is a false negative in threat detection?A false negative occurs when malicious activity is not detected by the security systems.
Define the term 'attack vector'.An attack vector is a path or means by which a hacker can gain access to a computer or network server to deliver a payload or malicious outcome.
What is a zero-day vulnerability?A zero-day vulnerability is a software security flaw that is known to the software vendor but does not have a patch in place to fix the flaw.
Explain the term 'exploit'.An exploit is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug or vulnerability in order to cause unintended or unanticipated behavior to occur.
What is a botnet?A botnet is a number of internet-connected devices, each of which is running one or more bots. Botnets can be used to perform distributed denial-of-service attacks (DDoS).
Define 'rootkit'.A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed and often masks its existence or the existence of other software.
Front
Explain the term 'exploit'.
Click the card to flip
Back
An exploit is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug or vulnerability in order to cause unintended or unanticipated behavior to occur.
Front
What are indicators of compromise (IoCs)?
Back
IoCs are pieces of data that indicate a potential breach or malicious activity within a network or system.
Front
What is a botnet?
Back
A botnet is a number of internet-connected devices, each of which is running one or more bots. Botnets can be used to perform distributed denial-of-service attacks (DDoS).
Front
Define the term 'attack vector'.
Back
An attack vector is a path or means by which a hacker can gain access to a computer or network server to deliver a payload or malicious outcome.
Front
What is vulnerability management?
Back
Vulnerability management is the process of identifying, classifying, remediating, and mitigating vulnerabilities.
Front
What is ransomware?
Back
Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid.
Front
List the steps in the vulnerability management process.
Back
The steps are identification, evaluation, treatment, and reporting.
Front
Define phishing.
Back
Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers.
Front
Define 'rootkit'.
Back
A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed and often masks its existence or the existence of other software.
Front
What is a false negative in threat detection?
Back
A false negative occurs when malicious activity is not detected by the security systems.
Front
Name a common source of threat intelligence.
Back
Common sources include open-source intelligence (OSINT), commercial threat intelligence providers, and internal threat data.
Front
What is malware?
Back
Malware is any software intentionally designed to cause damage to a computer, server, client, or computer network.
Front
Explain threat hunting.
Back
Threat hunting is a proactive cybersecurity search through networks and endpoints to find malicious actors that have evaded existing security solutions.
Front
What is a zero-day vulnerability?
Back
A zero-day vulnerability is a software security flaw that is known to the software vendor but does not have a patch in place to fix the flaw.
Front
What is a false positive in threat detection?
Back
A false positive occurs when benign activity is incorrectly identified as malicious.
1/15