Data Collection Data Sources Only Flashcards

1
Q

1)List five Data Collection methods

A
OSINT
HUMINT
CCI
IOCs
Malware analysis
2
Q

2)List 6 OSINT methods of data collection

A
Search engines
Web Services
Web footprinting
Emails
Whois lookup
Data interrogation
3
Q

3)List 3 techniques to collect data through HUMINT

A

Human-Based Social Engineering Techniques
Interviewing and Interrogation
Social Engineering Tools

4
Q

4)List 5 techniques used to collect data from CCI

A
Honeypots
Passive DNS Monitoring
Pivoting Off Adversary’s Infrastructure
Malware Sinkholes
YARA Rules
5
Q

5)Types of IOCs

A

External

Internal

6
Q

6)Malware Analysis

A

Preparing Testbed for Malware Analysis
Static Malware Analysis
Dynamic Malware Analysis
Malware Analysis Tools

7
Q

7)List the techniques used in search engines

A

Advanced Google Search
Google Hacking Database
ThreatCrowd
Deep and Dark Web Searching

8
Q

8)List techniques used in Web Services

A
Finding Top-Level Domains (TLDs) and Sub-domains
Job Sites
Groups, Forums, and Blogs
Social Networking Sites
Blacklisted and Whitelisted Sites
9
Q

9)List techniques used in web footprinting

A

Monitoring Website Traffic
Website Mirroring
https://archive.org
Extracting Metadata of Public Documents

10
Q

10)List techniques used in emails

A

Tracking Email Communications
Email Header
eMailTrackerPro

11
Q

11)List techniques used in DNS interrogation

A

DNS Lookup and Reverse DNS Lookup
Fast-Flux DNS Information Gathering
Dynamic DNS (DDNS) Information Gathering
DNS Zone Transfer Information Gathering

12
Q

12)List OSINT tools frameworks and scripts

A
Maltego
OSTrICa
OSRFramework
FOCA
GOSINT
Others
13
Q

13)Explain Human-Based Social Engineering Techniques

A

TBD

14
Q

14)Explain Interviewing and Interrogation

A

TBD

15
Q

15)Explain Social Engineering Tools

A

TBD

16
Q

16)Explain honeypots

A

TBD

17
Q

17)Explain passive DNS monitoring

A

TBD

18
Q

18)Explain Pivoting off adversary's infrastructure

A

TBD

19
Q

19)Explain Malware sinkholes

A

TBD

20
Q

20)Explain YARA rules

A

TBD

21
Q

21)List external IOC collection tools

A
IT-ISAC
AlienVault OTX
Blueliv Threat Exchange Network
MISP
threat_note
Cacador
IOC Bucket
Others
22
Q

22)List internal IOC tools

A

Splunk Enterprise
Valkyrie
IOC Finder
Redline

23
Q

23)Explain Building custom IOC tools

A

TBD

24
Q

24)What are the Steps for Effective Usage of Indicators of Compromise for Threat Intelligence

A

TBD

25
25)Advanced Google Search
TBD
26
26)Google Hacking Database
TBD
27
27)ThreatCrowd
TBD
28
28)Deep and Dark Web Searching
TBD
29
29)Finding Top-Level Domains (TLDs) and Sub-domains
TBD
30
30)Job Sites
TBD
31
31)Groups, Forums, and Blogs
TBD
32
32)Social Networking Sites
TBD
33
33)Blacklisted and Whitelisted Sites
TBD
34
34)Monitoring Website Traffic
TBD
35
35)Website Mirroring
TBD
36
36)https://archive.org
TBD
37
37)Extracting Metadata of Public Documents
TBD
38
38)Tracking Email Communications
TBD
39
39)Email Header
TBD
40
40)eMailTrackerPro
TBD
41
41)Whois Lookup
TBD
42
42)DNS Lookup and Reverse DNS Lookup
TBD
43
43)Fast-Flux DNS Information Gathering
TBD
44
44)Dynamic DNS (DDNS) Information Gathering
TBD
45
45)DNS Zone Transfer Information Gathering
TBD
46
46)Maltego
TBD
47
47)OSTrICa
TBD
48
48)OSRFramework
TBD
49
49)FOCA
TBD
50
50)GOSINT
TBD
51
51)IT-ISAC
TBD
52
52)AlienVault OTX
TBD
53
53)Blueliv Threat Exchange Network
TBD
54
54)MISP
TBD
55
55)threat_note
TBD
56
56)Cacador
TBD
57
57)IOC Bucket
TBD
58
58)Splunk Enterprise
TBD
59
59)Valkyrie
TBD
60
60)IOC Finder
TBD
61
61)Redline
TBD