Data Collection Data Sources Only Flashcards
1)List five Data Collection methods
OSINT
HUMINT
CCI
IOCs
Malware analysis
2)List 6 OSINT methods of data collection
Search engines
Web services
Web footprinting
Emails
Whois lookup
DNS interrogation
3)List 3 techniques to collect data through HUMINT
Human-Based Social Engineering Techniques
Interviewing and Interrogation
Social Engineering Tools
4)List 5 techniques used to collect data from CCI
Honeypots
Passive DNS Monitoring
Pivoting Off Adversary’s Infrastructure
Malware Sinkholes
YARA Rules
5)Type of IOCs
External
Internal
6)Malware Analysis
Preparing Testbed for Malware Analysis
Static Malware Analysis
Dynamic Malware Analysis
Malware Analysis Tools
7)List the techniques used in search engines
Advanced Google Search
Google Hacking Database
ThreatCrowd
Deep and Dark Web Searching
8)List techniques used in Web Services
Finding Top-Level Domains (TLDs) and Sub-domains
Job Sites
Groups, Forums, and Blogs
Social Networking Sites
Blacklisted and Whitelisted Sites
9)List techniques used in web footprinting
Monitoring Website Traffic
Website Mirroring
https://archive.org
Extracting Metadata of Public Documents
10)List techniques used in emails
Tracking Email Communications
Email Header
eMailTrackerPro
11)List techniques used in DNS interrogation
DNS Lookup and Reverse DNS Lookup
Fast-Flux DNS Information Gathering
Dynamic DNS (DDNS) Information Gathering
DNS Zone Transfer Information Gathering
12)List OSINT tools frameworks and scripts
Maltego
OSTrICa
OSRFramework
FOCA
GOSINT
Others
13)Explain Human-Based Social Engineering Techniques
TBD
14)Explain Interviewing and Interrogation
TBD
15)Explain Social Engineering Tools
TBD
16)Explain honeypots
TBD
17)Explain passive DNS monitoring
TBD
18)Explain Pivoting off adversary’s infrastructure
TBD
19)Explain Malware sinkholes
TBD
20)Explain Yara rules
TBD
21)List external IOC collection tools
IT-ISAC
AlienVault OTX
Blueliv Threat Exchange Network
MISP
threat_note
Cacador
IOC Bucket
Others
22)List internal IOC tools
Splunk Enterprise
Valkyrie
IOC Finder
Redline
23)Explain Building custom IOC tools
TBD
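Worked example for card 23 (added here; it is not part of the original flashcard deck and is not the code of Cacador, IOC Finder or any other tool named on these cards). A custom IOC tool in its simplest form refangs a report (hxxp://, [.], [@]) and then pulls IPs, URLs, domains, e-mail addresses and hashes out with regular expressions, discarding internal RFC 1918 addresses so they are not shared as indicators. The report text, hostnames and addresses below are constructed sample data (documentation IP ranges and the empty-string hash digests as placeholders).

```python
import re
from ipaddress import ip_address, ip_network
from urllib.parse import urlparse

# Constructed sample report excerpt (hypothetical indicators, not real intelligence).
# The hashes are the well-known digests of the empty string, used only as placeholders.
SAMPLE_REPORT = """\
The dropper beacons to hxxp://update.evil-cdn[.]com/gate.php and 203[.]0[.]113[.]45
over TCP/443. Phishing sender: billing[@]evil-cdn[.]com. Second-stage SHA256:
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Dropper MD5 d41d8cd98f00b204e9800998ecf8427e. Lateral movement to 10.0.0.12 (internal).
"""

# Common defanging conventions seen in public reports.
DEFANG = [("hxxps://", "https://"), ("hxxp://", "http://"),
          ("[.]", "."), ("(.)", "."), ("{.}", "."), ("[@]", "@")]

IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")
URL_RE = re.compile(r"\bhttps?://[^\s\"'<>()]+", re.I)
DOMAIN_RE = re.compile(r"\b(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.I)
EMAIL_RE = re.compile(r"\b[\w.+-]+@(?:[a-z0-9-]+\.)+[a-z]{2,}\b", re.I)
SHA256_RE = re.compile(r"\b[a-f0-9]{64}\b", re.I)
MD5_RE = re.compile(r"\b[a-f0-9]{32}\b", re.I)

# Internal ranges are filtered explicitly rather than via ipaddress.is_private,
# because is_private also covers the documentation ranges used in this sample.
INTERNAL_NETS = [ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]


def refang(text):
    """Undo defanging so the regexes see the real indicator form."""
    for defanged, real in DEFANG:
        text = text.replace(defanged, real)
    return text


def is_internal(addr):
    return any(addr in net for net in INTERNAL_NETS)


def extract_iocs(text, drop_internal=True):
    """Return sorted lists of indicators per type found in a report."""
    text = refang(text)
    found = {k: set() for k in ("ipv4", "url", "domain", "email", "sha256", "md5")}

    # URLs first; their hostnames become domain IOCs, and the URL text is then
    # removed so path components such as gate.php are not mistaken for domains.
    for url in URL_RE.findall(text):
        url = url.rstrip(".,;")
        found["url"].add(url)
        host = urlparse(url).hostname
        if host and not IPV4_RE.fullmatch(host):
            found["domain"].add(host.lower())
    text_no_urls = URL_RE.sub(" ", text)

    for ip in IPV4_RE.findall(text):
        try:
            addr = ip_address(ip)
        except ValueError:      # e.g. 999.1.1.1 matched the loose regex
            continue
        if drop_internal and is_internal(addr):
            continue
        found["ipv4"].add(ip)

    for mail in EMAIL_RE.findall(text_no_urls):
        found["email"].add(mail.lower())
    for dom in DOMAIN_RE.findall(text_no_urls):
        dom = dom.lower()
        if not IPV4_RE.fullmatch(dom):
            found["domain"].add(dom)

    found["sha256"].update(h.lower() for h in SHA256_RE.findall(text))
    found["md5"].update(h.lower() for h in MD5_RE.findall(text))
    return {k: sorted(v) for k, v in found.items()}


if __name__ == "__main__":
    for kind, values in extract_iocs(SAMPLE_REPORT).items():
        print(f"{kind}: {values}")
```

The 10.0.0.12 address is dropped because it is an internal pivot, not something a peer can act on; the phishing sender yields both an e-mail and a domain indicator. Regex extraction is a first pass only: a real tool should also validate TLDs and de-duplicate against a whitelist so that common domains (your own, Microsoft, Google) do not end up in a blocklist.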
24)What are the Steps for Effective Usage of Indicators of Compromise for Threat Intelligence
TBD
25)Advanced Google Search
TBD
26)Google Hacking Database
TBD
27)ThreatCrowd
TBD
28)Deep and Dark Web Searching
TBD
29)Finding Top-Level Domains (TLDs) and Sub-domains
TBD
30)Job Sites
TBD
31)Groups, Forums, and Blogs
TBD
32)Social Networking Sites
TBD
33)Blacklisted and Whitelisted Sites
TBD
34)Monitoring Website Traffic
TBD
35)Website Mirroring
TBD
36)https://archive.org
TBD
37)Extracting Metadata of Public Documents
TBD
38)Tracking Email Communications
TBD
39)Email Header
TBD
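Worked example for cards 38 and 39 (added here; not part of the original deck and not the code of eMailTrackerPro or any tool named on these cards). Tracking an e-mail back to its source means walking the Received chain: each MTA prepends its own header, so the top entry is the last hop and the bottom entry is the claimed origin. The function below unfolds each Received header, pulls the relay, the bracketed source IP and the timestamp, and also compares the From and Reply-To domains, a common phishing tell. The headers are a constructed sample using documentation IP ranges and invented hostnames.

```python
import re
from email import message_from_string
from email.utils import parseaddr, parsedate_to_datetime

# Constructed sample headers (hypothetical hosts, documentation IP ranges).
SAMPLE_HEADERS = """\
Received: from mail.example.org (mail.example.org [198.51.100.7])
\tby mx.recipient.test (Postfix) with ESMTPS id 4F3A2C1
\tfor <victim@recipient.test>; Mon, 1 May 2023 09:12:00 +0000
Received: from [192.0.2.9] (unknown [192.0.2.9])
\tby mail.example.org (Postfix) with ESMTPA id 9B7D44
\tfor <victim@recipient.test>; Mon, 1 May 2023 09:11:58 +0000
From: "Accounts" <billing@example.org>
Reply-To: billing@evil-cdn.com
To: victim@recipient.test
Subject: Overdue invoice
Message-ID: <20230501091158.9B7D44@mail.example.org>

"""

BRACKET_IP_RE = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
FROM_RE = re.compile(r"\bfrom\s+(\S+)")
BY_RE = re.compile(r"\bby\s+(\S+)")


def parse_received(value):
    """Break one Received header into relay, source IP and timestamp."""
    value = " ".join(value.split())          # unfold continuation lines
    hop = {"from": None, "from_ip": None, "by": None, "time": None}
    m = FROM_RE.search(value)
    if m:
        hop["from"] = m.group(1)              # HELO name claimed by the sender
    m = BY_RE.search(value)
    if m:
        hop["by"] = m.group(1)                # the MTA that wrote this header
    ips = BRACKET_IP_RE.findall(value)
    if ips:
        hop["from_ip"] = ips[0]               # address the receiving MTA saw
    if ";" in value:                          # date follows the last semicolon
        try:
            hop["time"] = parsedate_to_datetime(value.rsplit(";", 1)[1].strip())
        except (TypeError, ValueError):
            pass
    return hop


def analyze_headers(raw):
    msg = message_from_string(raw)
    # get_all returns headers top to bottom: index 0 is the hop nearest the recipient,
    # the last entry is the earliest hop. Only hops written by MTAs you trust are
    # reliable; a sender can forge any Received lines below them.
    hops = [parse_received(v) for v in msg.get_all("Received", [])]
    origin = hops[-1] if hops else None
    from_addr = parseaddr(msg.get("From", ""))[1]
    reply_to = parseaddr(msg.get("Reply-To", ""))[1]
    from_dom = from_addr.rpartition("@")[2].lower()
    reply_dom = reply_to.rpartition("@")[2].lower()
    transit = None
    if len(hops) >= 2 and hops[0]["time"] and hops[-1]["time"]:
        transit = (hops[0]["time"] - hops[-1]["time"]).total_seconds()
    return {
        "hops": hops,
        "originating_ip": origin["from_ip"] if origin else None,
        "from_domain": from_dom,
        "reply_to_domain": reply_dom,
        "reply_to_mismatch": bool(reply_to) and reply_dom != from_dom,
        "transit_seconds": transit,
    }


if __name__ == "__main__":
    result = analyze_headers(SAMPLE_HEADERS)
    for i, hop in enumerate(result["hops"]):
        print(f"hop {i}: {hop['from']} [{hop['from_ip']}] -> {hop['by']} at {hop['time']}")
    print("claimed origin:", result["originating_ip"])
    print("reply-to mismatch:", result["reply_to_mismatch"])
```

The originating IP is a lead to enrich with Whois and reverse DNS, not proof: only the Received line written by your own MX is trustworthy, and the ESMTPA hop here (authenticated submission) is the point where a compromised account, rather than a spoofing relay, would appear.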
40)eMailTrackerPro
TBD
41)Whois Lookup
TBD
42)DNS Lookup and Reverse DNS Lookup
TBD
43)Fast-Flux DNS Information Gathering
TBD
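Worked example for cards 17 and 43 (added here; not part of the original deck and not from any passive DNS vendor). Passive DNS data, resolutions recorded over time, is what lets you recognise fast-flux: a domain that rotates through many A records with very short TTLs spread across unrelated networks. The code profiles each domain from a constructed passive DNS log (invented domains, documentation IP ranges) and flags candidates on three criteria together, because low TTL or many IPs alone also describe an ordinary CDN.

```python
from collections import defaultdict
from ipaddress import ip_network

# Constructed passive-DNS observations, one per line: "epoch domain rrtype rdata ttl".
# Hypothetical domains and documentation IP ranges; not real data.
SAMPLE_PDNS = """\
1683000000 update.evil-cdn.com A 203.0.113.45 60
1683000060 update.evil-cdn.com A 198.51.100.23 60
1683000120 update.evil-cdn.com A 192.0.2.77 60
1683000180 update.evil-cdn.com A 203.0.113.200 60
1683000240 update.evil-cdn.com A 198.51.100.9 60
1683000300 update.evil-cdn.com A 192.0.2.140 60
1683000360 update.evil-cdn.com A 203.0.113.7 60
1683000000 www.example.org A 198.51.100.100 3600
1683003600 www.example.org A 198.51.100.100 3600
1683007200 www.example.org A 198.51.100.101 3600
1683000000 cdn.example.net A 192.0.2.10 30
1683000030 cdn.example.net A 192.0.2.11 30
1683000060 cdn.example.net A 192.0.2.12 30
1683000090 cdn.example.net A 192.0.2.13 30
1683000120 cdn.example.net A 192.0.2.14 30
"""


def parse_pdns(text):
    """Group A-record observations by domain as (epoch, ip, ttl) tuples."""
    obs = defaultdict(list)
    for line in text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        ts, domain, rrtype, rdata, ttl = line.split()
        if rrtype != "A":
            continue
        obs[domain.lower()].append((int(ts), rdata, int(ttl)))
    return obs


def flux_profile(records):
    """Summarise the resolution behaviour of one domain."""
    ips = {ip for _, ip, _ in records}
    # /24 diversity stands in for ASN diversity, which needs an external lookup.
    nets = {ip_network(f"{ip}/24", strict=False) for ip in ips}
    ttls = [ttl for _, _, ttl in records]
    return {
        "observations": len(records),
        "distinct_ips": len(ips),
        "distinct_nets": len(nets),
        "min_ttl": min(ttls),
    }


def fast_flux_candidates(obs, min_ips=5, min_nets=3, max_ttl=300):
    """Flag domains with many IPs across several networks and short TTLs."""
    flagged = {}
    for domain, records in obs.items():
        profile = flux_profile(records)
        if (profile["distinct_ips"] >= min_ips
                and profile["distinct_nets"] >= min_nets
                and profile["min_ttl"] <= max_ttl):
            flagged[domain] = profile
    return flagged


if __name__ == "__main__":
    observations = parse_pdns(SAMPLE_PDNS)
    for domain, profile in fast_flux_candidates(observations).items():
        print(domain, profile)
```

In the sample, cdn.example.net cycles five addresses with a 30-second TTL but stays inside one /24, so it is not flagged; update.evil-cdn.com rotates across three networks and is. Thresholds should be tuned against your own passive DNS baseline, and real CDNs that span many ASNs will still need an allowlist.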
44)Dynamic DNS (DDNS) Information Gathering
TBD
45)DNS Zone Transfer Information Gathering
TBD
46)Maltego
TBD
47)OSTrICa
TBD
48)OSRFramework
TBD
49)FOCA
TBD
50)GOSINT
TBD
51)IT-ISAC
TBD
52)AlienVault OTX
TBD
53)Blueliv Threat Exchange Network
TBD
54)MISP
TBD
55)threat_note
TBD
56)Cacador
TBD
57)IOC Bucket
TBD
58)Splunk Enterprise
TBD
59)Valkyrie
TBD
60)IOC Finder
TBD
61)Redline
TBD