LOGBOOK

HELP

1 / 29
Other keys: showSpace: good1-4: rate0: skip5: flag6: invert

Question

What are the four types of threats that may arise after a threat actor gains access to a network?

Answer

Information theft, data loss/manipulation, identity theft, and disruption of service.

Once a threat actor is inside a network, the damage falls into four broad categories. They are worth distinguishing because each targets a different asset — confidentiality, integrity, identity, or availability — and so calls for a different defence:

  1. Information Theft - Breaking in to steal confidential information (attacks confidentiality). Example: copying a company's research data to sell to a competitor.
  2. Data Loss and Manipulation - Destroying or altering data records (attacks integrity). Example: a virus reformatting a hard drive, or quietly changing prices in a billing system.
  3. Identity Theft - Stealing personal information to impersonate someone, then using that identity to obtain documents or credit illegally.
  4. Disruption of Service - Preventing legitimate users from reaching services they are entitled to (attacks availability) — the goal of denial-of-service attacks.

Go deeper:

Cryptographic techniques involve transforming information, scrambling it, so it becomes unreadable during transmission. The intended recipient can unscramble the message; ideally, eavesdroppers cannot.
Cryptographic techniques involve transforming information, scrambling it, so it becomes unreadable during transmission. The intended recipient can unscramble the message; ideally, eavesdroppers cannot.
odder · CC BY-SA 3.0 · Wikimedia Commons
or press any other key