MITRE ATT&CK Framework Flashcards

1
Q

1.

A

Reconnaissance

2
Q

2.

A

Resource Development

3
Q

3.

A

Initial Access

4
Q

4.

A

Execution

5
Q

5.

A

Persistence

6
Q

6.

A

Privilege Escalation

7
Q

7.

A

Defense Evasion

8
Q

8.

A

Credential Access

9
Q

9.

A

Discovery

10
Q

10.

A

Lateral Movement

11
Q

11.

A

Collection

12
Q

12.

A

Command and Control

13
Q

13.

A

Exfiltration

14
Q

14.

A

Impact

15
Q

Gathering information about the target system or network.
Tools: Nmap, Shodan, Recon-ng

A

Reconnaissance

16
Q

Identifying resources that can be used in later stages of the attack.
Tools: Custom scripts, ExploitDB, GitHub

A

Resource Development

17
Q

Gaining initial foothold into the target system or network.
Tools: Phishing emails, Exploit kits, Remote access trojans (RATs)

A

Initial Access

18
Q

Running malicious code or commands on the target system.
Tools: Metasploit, PowerShell, Cobalt Strike

A

Execution

19
Q

Maintaining access to the target system or network after initial access.
Tools: Scheduled tasks, Registry modifications, Backdoors

A

Persistence

20
Q

Exploiting vulnerabilities to elevate privileges on the target system.
Tools: Mimikatz, PowerSploit, sudo exploitation

A

Privilege Escalation

21
Q

Techniques used to avoid detection by security measures.
Tools: Rootkits, Fileless malware, Anti-forensics tools

A

Defense Evasion

22
Q

Stealing credentials to gain access to systems or resources.
Tools: Mimikatz, Keyloggers, Credential dumping tools

A

Credential Access

23
Q

Gathering information about the target environment and network.
Tools: BloodHound, Windows Management Instrumentation (WMI), net commands

A

Discovery

24
Q

Moving laterally within the network to gain access to additional systems.
Tools: PsExec, SSH, Remote Desktop Protocol (RDP)

A

Lateral Movement

25
Q

Gathering data or information from target systems.
Tools: Data mining tools, Packet sniffers, Keyloggers

A

Collection

26
Q

Establishing and maintaining communication channels with compromised systems.
Tools: Reverse shells, Command and control (C2) frameworks (e.g., Cobalt Strike, Metasploit), DNS tunneling

A

Command and Control

27
Q

Extracting data from the target environment and sending it to an external location.
Tools: FTP, HTTP(S), DNS tunneling, Steganography

A

Exfiltration

28
Q

Actions that result in damage to the target system or network.
Tools: Ransomware, Data wiping tools, Denial-of-service (DoS) attacks

A

Impact