4.2 policies, processes, and procedures for incident response Flashcards

1
Q

MITRE ATT&CK framework

A

HOW ATTACKERS OPERATE

a knowledge base that models the tactics and techniques used by cyber adversaries. It’s designed to help organizations understand how attackers operate, what their objectives are, and how to defend against them.

2
Q

The Diamond Model of Intrusion Analysis

A

a model that describes cyber attacks. It has four parts:
- Adversary: Where the attackers are from
- Infrastructure: The capabilities used
- Capability: The infrastructure used
- Target: The victim

3
Q

Cyber Kill Chain

A

Military concept developed by Lockheed Martin.
A model that breaks down the phases of a cyberattack:
- Reconnaissance
- Weaponization
- Delivery
- Exploitation
- Installation
- Command and control
- Actions on objectives

4
Q

COOP

A

continuity of operations planning

5
Q

incident response process

A
  • Preparation
  • Identification
  • Containment
  • Eradication
  • Recovery
  • Lessons learned