Word Definition 
advanced persistent threat (APT) A class of attacks that use innovative attack tools to infect and silently extract data over an extended period of time.
Attack Vector A pathway or avenue used by a threat actor to penetrate a system.
Attributes Characteristic features of the different groups of threat actors.
Authority A social engineering principle that involves directing others by impersonating an authority figure or falsely citing their authority.
Availability loss The loss that results from making systems inaccessible.
Black Hat Hackers Threat actors who violate computer security for personal gain or to inflict malicious damage.
Cloud Platforms A pay-per-use computing model in which customers pay only for the online computing resources they need.
Competitors Threat actors who launch attacks against an opponent’s system to steal classified information.
Consensus A social engineering principle that involves being influenced by what others do.
Credential Harvesting Using the Internet and social media searches to perform reconnaissance.
Criminal Syndicates Threat actors who have moved from traditional criminal activities to more rewarding and less risky online attacks.
Data Breach Stealing data to disclose it in an unauthorized fashion.
Data exfiltration Stealing data to distribute it to other parties.
Data Loss The destruction of data so that it cannot be recovered.
Data Storage Third-party facilities used for storing important data.
Default Settings Settings that are predetermined by the vendor for usability and ease of use (but not security) so the user can immediately begin using the product.
Direct Access An attack vector in which a threat actor can gain direct physical access to the computer.
Dumpster Diving Digging through trash receptacles to find information that can be useful in an attack.
Eliciting Information Gathering data.
Errors Human mistakes in selecting one setting over another without considering the security implications.
External External entities outside of the organization.