Cybersecurityknowledge~30 mins

Advanced Persistent Threats (APT) in Cybersecurity - Mini Project: Build & Apply

Choose your learning style9 modes available

Learn Why Deep Visual Practice Challenge Project Recall Time

Understanding Advanced Persistent Threats (APT)

📖 Scenario: You are part of a cybersecurity team tasked with identifying and understanding Advanced Persistent Threats (APT) in your organization's network logs. You will create a simple data structure to represent detected threats, configure a severity threshold, filter threats based on this threshold, and finally mark the critical threats for immediate action.

🎯 Goal: Build a step-by-step representation of APT detection by creating a dictionary of threats with their severity scores, setting a severity threshold, filtering threats above this threshold, and marking critical threats for response.

📋 What You'll Learn

Create a dictionary named threats with exact threat names and severity scores

Create a variable named severity_threshold with the value 7

Use a dictionary comprehension named critical_threats to filter threats with severity above severity_threshold

Add a key 'action' with value 'immediate response' to each threat in critical_threats

💡 Why This Matters

🌍 Real World

Cybersecurity analysts use threat severity data to prioritize responses to Advanced Persistent Threats in real networks.

💼 Career

Understanding how to organize and filter threat data is essential for roles in cybersecurity monitoring, incident response, and threat intelligence.

Progress0 / 4 steps

Create the initial threats dictionary

Create a dictionary called threats with these exact entries: 'APT29': 9, 'APT28': 6, 'Lazarus Group': 8, 'Fancy Bear': 5, 'Equation Group': 7.

Cybersecurity

# Create the threats dictionary with exact names and severity scores
# Your code here

Need a hint?

Use curly braces to create a dictionary with the exact threat names as keys and their severity scores as values.

Set the severity threshold

Create a variable called severity_threshold and set it to the integer value 7.

Cybersecurity

threats = {
    'APT29': 9,
    'APT28': 6,
    'Lazarus Group': 8,
    'Fancy Bear': 5,
    'Equation Group': 7
}
# Set the severity threshold to 7
# Your code here

Need a hint?

Assign the number 7 to a variable named severity_threshold.

Filter critical threats using dictionary comprehension

Create a dictionary comprehension called critical_threats that includes only the threats from threats with severity scores greater than severity_threshold.

Cybersecurity

threats = {
    'APT29': 9,
    'APT28': 6,
    'Lazarus Group': 8,
    'Fancy Bear': 5,
    'Equation Group': 7
}

severity_threshold = 7

# Use dictionary comprehension to filter threats with severity > severity_threshold
# Your code here

Need a hint?

Use a dictionary comprehension with for name, score in threats.items() and include only those with score > severity_threshold.

Mark critical threats for immediate response

For each threat in critical_threats, add a key 'action' with the value 'immediate response'. Use a dictionary comprehension to create a new dictionary called final_threats where each key is the threat name and the value is another dictionary with keys 'severity' and 'action'.

Cybersecurity

threats = {
    'APT29': 9,
    'APT28': 6,
    'Lazarus Group': 8,
    'Fancy Bear': 5,
    'Equation Group': 7
}

severity_threshold = 7

critical_threats = {name: score for name, score in threats.items() if score > severity_threshold}

# Add 'action': 'immediate response' to each critical threat in a new dictionary final_threats
# Your code here

Need a hint?

Use a dictionary comprehension over critical_threats.items() to create a nested dictionary with keys 'severity' and 'action'.