CySA+

Advanced persistent threat

An advanced persistent threat (APT) refers to nation-state and organized crime actors.

APTs typically target large organizations, such as financial institutions, healthcare companies, and other organizations that store large PII data sets. APTs also target governments to carry out political objectives, interfere in elections, or spy.

APTs spend considerable effort gathering intelligence on their target and are able to craft highly specific custom exploits. Another characteristic of the advanced nature of APTs is that they often combine many different attack elements into an overall threat architecture.

APTs have diverse overall goals, but since a large part of the attack is about stealth, most APTs are interested in maintaining access to networks and systems, which is known as persistence. Several techniques can grant attackers access for months or even years on end without being detected.

Because of this, APTs are some of the most insidious and harmful threats to an organization.
