Cyber Threats (2020)

From CyberEdWiki
Jump to: navigation, search

The intent of the Cyber Threats Knowledge Unit is to provide students with basic information about the threats that may be present in the cyber realm.

Outcomes[edit]

After completing the KU, students will be able to:

  1. Compare and contrast the motivations and techniques of bad actors in cyberspace.
  2. Evaluate cyberspace threats using The Adversary Model.
  3. Distinguish different types of cyber attacks and their characteristics.
  4. Assess events that indicate an attack has happened or is currently happening.

Topics[edit]

To complete this KU, you must complete all topics below, including sub-topics.

  1. Motivations and Techniques
  2. The Adversary Model (resources, capabilities, intent, motivation, risk aversion, access)
  3. Types of Attacks (and vulnerabilities that enable them)
    • Password guessing / cracking
    • Backdoors / trojans / viruses / wireless attacks
    • Sniffing / spoofing / session hijacking
    • Denial of service / distributed DOS / BOTs
    • MAC spoofing / web app attacks / 0-day exploits
    • Advanced Persistent Threat (APT)
  4. Events that indicate an attack is/has happened
  5. Attack Timing (within x minutes of being attached to the net)
  6. Attack surfaces / vectors, and trees
  7. Covert Channels
  8. Social Engineering
  9. Insider problem
  10. Threat Information Sources (e.g., CERT)
  11. Legal Issues associated with cyber threats

Skills[edit]

  1. Use resources to identify known threats and vulnerabilities.
    • National Vulnerability Database (NVD), OSVDB, vFeed.

NICE Framework Categories[edit]

CSEC 2017 Categories[edit]

Specialization Areas[edit]

See also[edit]

Related Knowledge Units

Further reading[edit]

Suggested textbooks[edit]

Suggested academic readings[edit]

Sample knowledge test[edit]

Sample skills test[edit]

Sample abilities test[edit]

Additional notes or materials[edit]

Contacts[edit]

Reference ID[edit]

CTH