MITRE : Task5-9 : SOC1 : 6.1

Video description: MITRE : Task5-9 : SOC1 : 6.1

https://tryhackme.com/r/room/mitre
Under Prepare, what is ID SAC0002?

What is the name of the resource to aid you with the engagement activity from the previous question?

Which engagement activity baits a specific response from the adversary?

What is the definition of Threat Model?

What is the first MITRE ATT&CK technique listed in the ATT&CK Lookup dropdown?

In D3FEND Inferred Relationships, what does the ATT&CK technique from the previous question produce?

In Phase 1 for the APT3 Emulation Plan, what is listed first?

Under Persistence, what binary was replaced with cmd.exe?

Examining APT29, what C2 frameworks are listed in Scenario 1 Infrastructure? (format: tool1,tool2)

What C2 framework is listed in Scenario 2 Infrastructure?

Examine the emulation plan for Sandworm. What webshell is used for Scenario 1? Check MITRE ATT&CK for the Software ID for the webshell. What is the id? (format: webshell,id)

What is a group that targets your sector who has been in operation since at least 2013?

As your organization is migrating to the cloud, is there anything attributed to this APT group that you should focus on? If so, what is it?

What tool is associated with the technique from the previous question?

Referring to the technique from question 2, what mitigation method suggests using SMS messages as an alternative for its implementation?

What platforms does the technique from question #2 affect?
