
[CERTMaster]

  • IV attacks 
  • deauthentication attack 
  • NFC (vulnerable to eavesdropping and M-I-T-M attacks)
  • PowerShell Script = Invoke-Command
  • Rogue access point (AP)
  • On-path attack 

[CLC]

Cryptographic Attacks: 

  • Birthday, Known Plaintext, and Cipher Attacks 
  • Online vs. Offline Attacks
  • Collisions
  • Downgrade Attacks 
  • Brute-force and Dictionary Attacks 
    • Brute Force tools

Wireless Attacks: 

  • Replay attacks 
  • Initialization Vector Weaknesses
  • Evil Twins and Rogue Apps 
  • Jamming 
  • Bluejacking and Bluesnarfing 
  • WPS attacks 
  • Disassociation Attacks 
  • RFID and Near Field Communication (NFC)

 

[CERTMaster]

  • Hacktivists
  • sophistication 
  • State actors 
  • private sharing center 
  • advanced persistent threats (APT)

 

  • Hacktivists use cyber weapons to promote an agenda, steal confidential information, perform DoS attacks, or deface websites. For example, environmental and animal advocacy groups may target companies in a wide range of industries.

  • Advanced Persistent Threats (APTs) are nation-state cyber adversaries that have developed cybersecurity expertise and use cyber weapons to compromise network security and achieve military and commercial goals.

 

  • Insider threats are employees who harbor grievances or perpetrate fraud. For example, an insider threat might plan and execute a campaign to modify invoices and divert funds.
  • Hackers are individuals who have the skills to gain access to computer systems through unauthorized or unapproved means. The term is sometimes associated with illegal or malicious system intrusion.
  • Known threats, such as viruses, rootkits, Trojans, botnets, and DDoS, or specific software vulnerabilities, are relatively straightforward to identify, and automated software can scan for these types of threats.
  • DNS harvesting uses Open Source Intelligence (OSINT) to gather information about a domain (subdomains, hosting provider, administrative contacts, and so on).
  • When performing host discovery on an internetwork (a network of routed IP subnets), the attacker will want to discover how the routers connect the subnets, and whether any misconfigured gateways between subnets exist.
  • The ping command can detect the presence of a host on a particular IP address or one that responds to a particular host name. Users can apply a simple script to perform a ping sweep.
  • Black hat hackers have malicious intent. These hackers have limited resources, especially when working alone.
  • A white hat hacker always seeks authorization to perform penetration testing of private and proprietary systems. Companies usually contract these hackers to test their security systems.
  • Gray hat hackers seek out vulnerabilities in a product or network without seeking approval. They do not exploit the vulnerabilities but seek voluntary compensation (bug bounty) after informing companies about such vulnerabilities.
  • A script kiddie is someone who uses hacker tools without necessarily understanding how they work and with no specific target. This person works to gain attention or prove technical abilities.
  • A competitor may use cyber espionage to gain inside information to beat the competition or tear them down. In this case, a competitor will carry out such attacks without permission.

 

  • A wireless attack vector can involve spoofing a trusted resource, such as an access point, and using it to perform credential harvesting. The harvested credentials can then be used to access the legitimate network.
  • A direct access attack vector involves a physical or local attack on a target system or network. The threat actor can exploit an unlocked workstation or steal a device, for example.
  • E-mail as an attack vector involves attaching malicious files and using social engineering to persuade or trick the user into opening the attachment.
    • A company is temporarily transmitting plaintext Application Programming Interface (API) keys to migrate data to an off-prem environment using a web application. The destination platform is Microsoft Azure. This temporary solution makes it open to which attack vector? (A) Cloud services such as Microsoft Azure or Amazon Web Services (AWS) use API keys to communicate with cloud services to perform tasks, such as migrate data off-prem or to the cloud