ISM 4323 Info Sec Admin: Chapter 2: Threat Actors and Their Threats

Описание: In this lecture, we cover Chapter 2: Threat Actors and Their Threats from the CompTIA CySA+ Guide to Cybersecurity Analyst (CSO-002). This session is part of ISM 4323 – Information Security Policy Administration and focuses on understanding who threat actors are, how they operate, and why their tactics matter for enterprise security and policy development.

🔍 Topics Covered
• Definition and classification of threat actors
• Script kiddies, organized crime, insiders, hacktivists, and nation-state actors
• Motivations behind cyberattacks (financial, political, ideological)
• Tactics, Techniques, and Procedures (TTPs)
• Known vs. unknown threats
• Common attack types:
• Web application attacks (XSS, CSRF, SSRF)
• Remote Code Execution (RCE)
• Data poisoning
• Obfuscated links and social engineering
• Key vulnerability categories:
• Programming and design flaws
• Broken access control
• Cryptographic failures
• Dated components
• Authentication and identity failures

🎯 Learning Outcomes

By the end of this lecture, you should be able to:
• Identify and categorize major threat actors
• Explain how threat actors exploit vulnerabilities
• Contextualize attacks within enterprise risk and policy decisions
• Apply threat intelligence concepts to real-world security scenarios

🎓 Course Alignment

This lecture aligns with Module 2: Utilizing Threat Data and Intelligence and supports course objectives related to:
• Enterprise threat analysis
• Risk assessment and mitigation
• Security policy awareness and decision-making

📌 For enrolled students:
Be sure to review the associated readings, participate in the discussion board, and complete the quiz and project tied to this module in Canvas.

📚 Textbook Reference:
CompTIA CySA+ Guide to Cybersecurity Analyst, 3rd Edition – Mark Ciampa
Chapter 2: Threat Actors and Their Threats 

⸻

🔔 Don’t forget to subscribe for additional cybersecurity lectures, certification prep content, and applied security analysis.