Lack of training: Untrained staff may be susceptible to malicious activity such as phishing emails and vishing phone calls Show Data retention: Data backups are a preventative measure taken by most organizations. However, they can become unwieldy and difficult to maintain. Be sure to implement strong security measures for stored data. Unpatched systems: Systems may be vulnerable to known exploits when unpatched. Weak passwords: Threat actors have access to tables of many thousand common passwords. Users who utilize weak passwords make their systems vulnerable. Default credentials: Hardware and appliances often come with a default username and password. When the username and/or password is unchanged, attackers can easily gain access to network infrastructure. Open ports: Scanning tools used by threat actors will find any opening possible into a system or device. If open ports are not protected, attackers can gain access to a system. Default programs: Most systems come preconfigured to run default programs. Some of these programs may have known vulnerabilities that can be exploited.
Terms in this set (99)What is the correct sequence of steps involved in scheduling a threat intelligence program? (Page 182) Jim works as a security analyst in a large multinational company. Recently, a group of hackers penetrated into their organizational network and used a data staging technique to collect sensitive data. They collected all sorts of
sensitive data about the employees and customers, business tactics of the organization, financial information, network infrastructure information, and so on. Walter and Sons Company has faced major cyber attacks and lost confidential data. The company has decided to concentrate more on the security rather than other resources. Therefore,
they hired Alice, a threat analyst, to perform data analysis. Alice was asked to perform qualitative data analysis to extract useful information from collected bulk data. An organization suffered many major attacks and lost critical information, such as employee records, and financial information. Therefore, the management decides to hire a threat analyst to extract the strategic threat intelligence that provides high-level information regarding current cyber-security posture, threats, details on the financial impact of various cyber-activities, and so
on. Sets with similar termsOther sets by this creatorRecommended textbook solutions
Other Quizlet sets |