Threat Management Terms and Concepts Flashcards
Front | Back |
Define phishing. | Phishing is a type of social engineering attack often used to steal user data, including login credentials and credit card numbers. |
What are indicators of compromise (IoCs)? | IoCs are pieces of data that indicate a potential breach or malicious activity within a network or system. |
What is a botnet? | A botnet is a number of internet-connected devices, each of which is running one or more bots. Botnets can be used to perform distributed denial-of-service (DDoS) attacks. |
Define the term 'attack vector'. | An attack vector is a path or means by which a hacker can gain access to a computer or network server to deliver a payload or malicious outcome. |
What is a false negative in threat detection? | A false negative occurs when malicious activity is not detected by the security systems. |
Name a common source of threat intelligence. | Common sources include open-source intelligence (OSINT), commercial threat intelligence providers, and internal threat data. |
Define 'rootkit'. | A rootkit is a collection of computer software, typically malicious, designed to enable access to a computer or an area of its software that is not otherwise allowed, and it often masks its existence or the existence of other software. |
What is ransomware? | Ransomware is a type of malicious software designed to block access to a computer system until a sum of money is paid. |
List the steps in the vulnerability management process. | The steps are identification, evaluation, treatment, and reporting. |
Explain threat hunting. | Threat hunting is a proactive cybersecurity search through networks and endpoints to find malicious actors that have evaded existing security solutions. |
Explain the term 'exploit'. | An exploit is a piece of software, a chunk of data, or a sequence of commands that takes advantage of a bug or vulnerability in order to cause unintended or unanticipated behavior to occur. |
What is a zero-day vulnerability? | A zero-day vulnerability is a software security flaw that is known to the software vendor but does not have a patch in place to fix the flaw. |
What is vulnerability management? | Vulnerability management is the process of identifying, classifying, remediating, and mitigating vulnerabilities. |
What is malware? | Malware is any software intentionally designed to cause damage to a computer, server, client, or computer network. |
What is a false positive in threat detection? | A false positive occurs when benign activity is incorrectly identified as malicious. |
Learn key cybersecurity concepts and terms related to threat management, including malware, phishing, ransomware, IoCs, attack vectors, and zero-day vulnerabilities. Understand processes like vulnerability management and threat hunting, and identify threats like botnets, exploits, and rootkits. Essential for anyone looking to strengthen their understanding of modern cyber threats and defenses.