GUÍA DE
CIBERDEFENSAORIENTACIONES PARA EL DISEÑO, PLANEAMIENTO, IMPLANTACIÓN Y DESARROLLO
DE UNA CIBERDEFENSA MILITAR97
1NATO Bi-SC Initial Assessment of Recognising Cyberspace as a Domain
GUÍA DE
CIBERDEFENSAORIENTACIONES PARA EL DISEÑO, PLANEAMIENTO, IMPLANTACIÓN Y DESARROLLO DE UNA CIBERDEFENSA MILITAR
98
2MAGERIT is the risk analysis and management methodology developed by the Spanish Higher Council for Electronic Administration (Consejo Superior de Administración Electrónica de España).
3PILAR is the risk analysis tool developed by the CCN-CERT that facilitates
the application of the MAGERIT methodology.
4CRAMM, risk analysis methodology developed by the British CCTA (Central Computer and Telecommunication Agency).
5OCTAVE (Operationally Critical Threat Asset and Vulnerability Evaluation, risk analysis methodology developed by the Carnegie Mellon University CERT.
6Zero-day cyber attack is a type of cyber attack that occurs by exploiting an unknown vulnerability or for which there is still no patch.
7EXPLOIT
is piece of software code, a data chunk, or a script that exploits a bug or cyber vulnerability to cause an impact.
8PHISHING is a type of cyber attack aimed at deceiving a victim (simulating trustworthy
sources for the victim, usually by email) in order to obtain confidential or private information (user, passwords,
bank details, credit card details, etc.).
9SPEAR PHISHING is a type of cyber attack aimed at deceiving a group of specifically selected people pretending to be a trustworthy entity for the victims) in order to obtain confidential
information usernames, passwords,
bank details, credit card details, etc) useful for carrying out a cyber operation.
Share with your friends: 
