TTT

Question 1

Define the term open source

Answer 1

Publicly accessible, anyone can view it and distribute as they see fit.

Question 2

Explain Web browsers and search engines.

Answer 2

A browser is a piece of software that retrieves and displays web pages; a search engine is a website that helps people find web pages from other websites

Question 3

Describe a filter bubble

Answer 3

A filter bubble is an algorithmic bias that skews or limits the information an individual user sees on the internet

Question 4

What is a meta search

Answer 4

A metasearch engine is an online information retrieval tool that uses the data of a web search engine to produce its own results

Question 5

Describe a search engine

Answer 5

A search engine is a software program that helps people find the information they are looking for online using keywords or phrases

Question 6

Describe a safe search engine

Answer 6

SafeSearch is a Google search engine feature that automatically filters unsafe, offensive, and inappropriate results

Question 7

Explain the world wide Web

Answer 7

refers to all the public websites or pages that users can access on their local computers and other devices through the internet.

Question 8

What are the layers of the world wide Web

Answer 8

Surface Web, Deep Web and Darknet.

Question 9

Define how HTML coding is converted

Answer 9

An HTML converter is a software program that, in simple terms, converts a basic text file into HTML code. HTML is the universally accepted standard language in which Web pages are written. Documents with formats such as .doc, .docx and .txt are often created to be posted on the Internet, and the HTML converter aids in this process.

Question 10

Define web crawling (Spiders)

Answer 10

is an Internet bot that systematically browses the World Wide Web and that is typically operated by search engines for the purpose of Web indexing

Question 11

Advantages of osint

Answer 11

A massive and growing information resource

• Cost effective against other forms of intelligence

Quickly deployed & can gather live information as it occurs

Can reduce the need to deploy other collection assets

• Has less risk than other collection options

• Allows a wide audience for the distribution of products

Question 12

What are the Disadvtages of OSINT?

Answer 12

• A massive and growing information resource

• Accuracy of information – False News

• Credibility of sources – Bias, motive,
• Security of collection activity – Risks & Threats

• Legal constraints on certain online activities – RIPA, HR Act

Question 13

What is the Physical Domain?

Answer 13

• It’s the physical infrastructure that supports the internet

• The hardware and linkage that is spread across the world

• The physical storage that hosts the world wide web

Question 14

What is the Virtual Domain?

Answer 14

The software that allows the interaction on the internet

• The virtual environment that stores data

• The user interface we see when we use the internet

Question 15

What is the Cognitive Domain?

Answer 15

• Where interaction and connectivity happen between users

• The publishing of material to cause impact or effect

• The ability to reach every single person

• The ability to influence opinion and emotion

Question 16

What is the Internet?

Answer 16

International Network

Question 17

How do we connect to the internet?

Answer 17

• IP Address (Internet Protocol) – your connection to the internet

Question 18

ISP – Internet Service provider – your service provider

Answer 18

This can be used to identify your location, area, country, device

Question 19

What is the World Wide Web?

Answer 19

Information space for data

• Navigate available resources and data on internet

• Access through Web pages, search engines and browsers
•

Question 20

The main domains can be split down into the following categories:

Answer 20

.com - Commercial
.org - Organisation
.net - Network
.int - International organisation
.edu - US higher education
.gov - Government
.mil - US Military
.UK - Uk Domain

Question 21

What is surface Web

Answer 21

Surface web

The Surface Web is the part of the Internet that is accessible through mainstream web browsers such as Google or Bing. Typically, sites within this layer of the Internet are designed to be listed on mainstream search engines that are intended to be found easily by the casual web user. Much of the information on the Surface Web is common knowledge that is not sensitive.

Question 22

What is the deep web

Answer 22

Deep web

The Deep Web is the part of the Internet that is not listed/indexed by the main search engines. The reason for this is that the technology used in Deep Web publishing platforms such as Facebook, Twitter and LinkedIn is not designed to be read and understood by the technology that drives search engines such as Google. Deep Websites are not designed to be hidden by the publisher; thethe contents just cannot be read by conventional search engines. The website contents will generally be accessed through a portal or integral search facility

Question 23

What is dark Web

Answer 23

Dark web

The Dark Web is the collective World Wide Web content that exists only in darknets, networks which overlay the public Internet and require specific software, configurations or authorization to access. It forms part of the Deep Web, the part of the Web not indexed by search engines. It is linked to crime, terrorism and other nefarious activity. It is not an area you would conduct taskings without specialist training

Question 24

What is a Web Browser?

Answer 24

A web browser (commonly referred to as a browser) is a software application for retrieving, presenting and traversing information resources on the World Wide Web

Question 25

Ask the trainees to name the most common web browsers

Answer 25

Google Chrome

•Safari

•FireFox

•Opera

•Microsoft Edge

•Internet Explorer

•Bing

•Yahoo

Question 26

What is HTML

Answer 26

Hyper-Text Markup Language – is a computer language designed to allow website creation

Question 27

Explain the User Interface

Answer 27

The User interface will depend on the web browser used at the time as each of the web browsers interprets the coded data into their own interface

Question 28

Define the different web browser layouts

Answer 28

This can be demonstrated by loading a number of web browsers into differing tabs and comparing the results.

Question 29

What information is passed by Web Browsers when you conduct your online open source research

Answer 29

• IP Address
• Browser type & version
• OS & version
• Device type
• Geo location
• Installed fonts
• Plug ins
• Cookies
• Search history
• Mouse clicks
• Downloads
• Logons & passwords

Question 30

What does a Search Engine Algorithm identify during its spider crawl

Answer 30

Location of search terms
• Frequency of search terms
• Proximity of search terms
• Links popularity ranking on the site it crawls

Question 31

Define Filtering

Answer 31

Filtering your results
• IP Address of the user
• Search history of the user
• Provides refined results
• Defined by Search Engine not user

Question 32

Define Meta Search engines

Answer 32

• Aggregator of different search engines
• Extends search coverage for better results to investigate
• Will define specific data
• Limited to simple searching
• Yippy/Dogpile/Excite/………..etc
• Cluuz

Question 33

Examples of Security Breaches on OPUS

Answer 33

Logging into civil service account and searching for jobs
· Access a Gambling site
· Log-In to their personal Sky account
· Search for OSINT and SOCMINT courses
· Attempting to download Software
· Accessing a website for a localrestaurant and trying to download
PPT

7 / 10
· the menu as well as getting contact information
· Looking at available hotels in St Mawgan for a 2 week holiday
· Searching Job Sites for Intelligence Analyst jobs
Attempt to attach a USB device (Fuji Camera) to the system
· Watching music videos on YouTube.
· Applying for passport.
· Applying for a Chinese visa on the government site.

Question 34

What is a threat Actor?

Answer 34

3rd parties that may be interested in understanding more about the searches, and information gathered as part of an OSINT capability.

Question 35

What / who is a threat Actor?

Answer 35

Nation State defence and intelligence
Aggregated commercial monitoring
Criminal organisation
Webmasters and communication service providers
Hacktivist groups
Journalists
Other actors that should be considered in more depth are: organised crime,
other military organisations,
insider threat actors (both intentional and un-intentional).

Question 36

What is Attribution (in an OS habitate)?

Answer 36

The ability to attribute a connection, search activity, browsing habits and online activity to a designated individual, device, organisation or location.

Question 37

How can browsing activities be associated to a given user/organisation?

Answer 37

Browsing patterns
Thematic analysis
Analysis of proper nouns in search terms
Lawful intercept of communications infrastructure (state actor)
Internet browser.
Internet access points of presence (IP address).
Personally identifiable information

Question 38

What is the risk of attributing an Osint gathering activity to the MoD?

Answer 38

Ascertain Defence interests
Reconstruct RFI/IRs
Identify sources
Disrupt sources
Plant misinformation
Identify Defence OSINT networks
Cyber operations against Defence OSINT infrastructure

Question 39

Explain the attribution controls

Answer 39

• Level 1 Overt (activity attributable to MOD):
SyOps/Policy
Generic research which does not reveal sensitive Defence IRsUse of trusted sites including subscription services

• Level 2 Covert (Low Attribution):
SyOps/Policy
Technical measures
Operator tradecraft

Question 40

Identify mapping resources

Answer 40

Google maps
Wikimapia
Bing maps
Yandex mapping

Question 41

Utilise mapping resources

Answer 41

Mapping/Satellite changeover
• Search facility
• Streetview utility
• Images from the local area, including a link to the location it was taken
• Nearby location points
• GPS Coordinates
• Lat & Long Coordinates
• Navigation utility between locations and points
• Measure distance
• OS Mapping

Question 42

• Why is a MoD policy required?

Answer 42

Guidance, Protection, Control