Web 2.0 - A new way of using the internet for collaboration and sharing of data among individual users.
The user creates the content, but does not own it.
Web 3.0 - Based on "intelligent" Web applications. The user owns the content.
Ways to Circumvent Firewalls -
- Port hopping: port/protocol randomly changed during session
- Using non-standard ports
- Tunneling
- Hiding within SSL encryption
Indicator of Compromise (IoC) - A network or OS artifact that provides high confidence that a computer
security incident has occurred.
Managed Security Service Providers (MSSPs) - Companies that provide security management services,
such as SIEMs or SOCs, for subscribing clients
Compliance - Minimum standard
Security - Process of implementing controls for compliance, often going a step further.
PCI DSS - Payment Card Industry Data Security Standard
EU GDPR - European Union General Data Protection Regulation
Cybercriminals - Most common attacker profile. Cause of the increase in ransomware attacks.
State-Affiliated Groups - High profile attacks against infrastructure, governments, voting systems, or
major corporations.
Hacktivists - Perform high-profile attacks in an attempt to showcase their political or social cause.
Commonly use DoS attacks.
Cyberterrorists - Associated with state affiliations and are focused on causing damage and destruction.
Script Kiddies - Novice attackers who use publicly available attack tools.
Cybercrime Vendors - Threat actors who rent or sell their malware and exploits - including business
email compromise (BEC) and ransomware.
Cyberattack Lifecycle - Reconnaissance => Weaponization => Delivery => Exploitation => Installation =>
Command and Control => Act and Objective
Reconnaissance - The attacker's plan before the cyberattack. They research and gather information
regarding the target. Attackers also use various tools to scan for network vulnerabilities that they can
exploit.
Weaponization - Attacker determines which method to use to compromise a target endpoint.
Delivery - Attacker attempts to deliver their weaponized payload to a target endpoint via some method.
Exploitation - When the weaponized payload is delivered, it must be triggered. An end user may trigger
an exploit by clicking a link or opening an email attachment.
Installation - When the attacker escalates privileges on the compromised endpoint, for example, by
establishing remote shell access and installing rootkits or other malware.
Command and Control (C2) - Attacker establishes encrypted communication channels back to
command-and-control (C2) servers.