Question | Definition |
---|---|
What is malware? | Malware is any software intentionally designed to cause damage to a computer, server, client, or computer network. |
Define phishing. | Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. |
What is ransomware? | Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid. |
What are indicators of compromise (IoCs)? | IoCs are pieces of data that indicate a potential breach or malicious activity within a network or system. |
Name a common source of threat intelligence. | Common sources include open-source intelligence (OSINT), commercial threat intelligence providers, and internal threat data. |
Explain threat hunting. | Threat hunting is a proactive cybersecurity search through networks and endpoints to find malicious actors that have evaded existing security solutions. |
What is vulnerability management? | Vulnerability management is the process of identifying, classifying, remediating, and mitigating vulnerabilities. |
List the steps in the vulnerability management process. | The steps are identification, evaluation, treatment, and reporting. |
What is a false positive in threat detection? | A false positive occurs when benign activity is incorrectly identified as malicious. |
What is a false negative in threat detection? | A false negative occurs when malicious activity is not detected by the security systems. |
Define the term 'attack vector'. | An attack vector is a path or means by which a hacker can gain access to a computer or network server to deliver a payload or malicious outcome. |
What is a zero-day vulnerability? | A zero-day vulnerability is a software security flaw that is known to the software vendor but does not have a patch in place to fix the flaw. |
Explain the term 'exploit'. | An exploit is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug or vulnerability in order to cause unintended or unanticipated behavior to occur. |
What is a botnet? | A botnet is a number of internet-connected devices, each of which is running one or more bots. Botnets can be used to perform distributed denial-of-service attacks (DDoS). |
Define 'rootkit'. | A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed and often masks its existence or the existence of other software. |