Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the ultimate-blocks domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /home/margheri/public_html/wp-includes/functions.php on line 6121

Notice: _load_textdomain_just_in_time işlevi yanlış çağrıldı. Translation loading for the perfect-portfolio domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Ayrıntılı bilgi almak için lütfen WordPress hata ayıklama bölümüne bakın. (Bu ileti 6.7.0 sürümünde eklendi.) in /home/margheri/public_html/wp-includes/functions.php on line 6121
TryHackMe: Intro to Cyber Threat Intel Writeup - Aleyna Doğan

TryHackMe: Intro to Cyber Threat Intel Writeup

The room: Introducing cyber threat intelligence and related topics, such as relevant standards and frameworks.

https://tryhackme.com/room/cyberthreatintel

Task 2: Cyber Threat Intelligence

2.1. What does CTI stand for?

Cyber Threat Intelligence

2.2. IP addresses, Hashes and other threat artefacts would be found under which Threat Intelligence classification?

Technical Intel: Provides information about the resources an attacker uses to carry out an attack. Focuses on a specific loC.

Technical Intel

Task 3: CTI Lifecycle

3.1. At which phase of the CTI lifecycle is data converted into usable formats through sorting, organising, correlation and presentation?

Processing

3.2. During which phase do security analysts get the chance to define the questions to investigate incidents?

Direction

Task 4: CTI Standards & Frameworks

4.1. What sharing models are supported by TAXII?

collection and channel

4.2. When an adversary has obtained access to a network and is extracting data, what phase of the kill chain are they on?

Actions on Objectives

Task 5: Practical Analysis

5.1. What was the source email address?

vipivillain@badbank.com

5.2. What was the name of the file downloaded?

flbpfuh.exe

5.3. After building the threat profile, what message do you receive?

THM{***_*_***_***}

a

Bir yanıt yazın

E-posta adresiniz yayınlanmayacak. Gerekli alanlar * ile işaretlenmişlerdir