Wir wechseln vorübergehend den Pfad zu Red Teaming, denn das Fall 2022 Event hat begonnen und man kann tolle Preise gewinnen, wenn man den Pfad beendet. Den Anfang macht Red Team Fundamentals.
Task 1 Introduction
Dieser Task enthält keine Fragen.
Task 2 Vulnerability Assessment and Penetration Tests Limitations
Frage 1:
Would vulnerability assessments prepare us to detect a real attacker on our networks? (Yay/Nay)
Antwort 1:
Nay
Frage 2:
During a penetration test, are you concerned about being detected by the client? (Yay/Nay)
Antwort 2:
Nay
Frage 3:
Highly organised groups of skilled attackers are nowadays referred to as …
Antwort 3:
Advanced Persistent Threats
Task 3 Red Team Engagements
Frage 1:
The goals of a red team engagement will often be referred to as flags or…
Antwort 1:
crown jewels
Frage 2:
During a red team engagement, common methods used by attackers are emulated against the target. Such methods are usually called TTPs. What does TTP stand for?
Antwort 2:
Tactics, Techniques and Procedures
Frage 3:
The main objective of a red team engagement is to detect as many vulnerabilities in as many hosts as possible (Yay/Nay)
Antwort 3:
nay
Task 4 Teams and Functions of an Engagement
Frage 1:
What cell is responsible for the offensive operations of an engagement?
Antwort 1:
red cell
Frage 2:
What cell is the trusted agent considered part of?
Antwort 2:
white cell
Task 5 Engagement Structure
Frage 1:
If an adversary deployed Mimikatz on a target machine, where would they be placed in the Lockheed Martin cyber kill chain?
Antwort 1:
Installation
Frage 2:
What technique’s purpose is to exploit the target’s system to execute code?
Antwort 2:
Exploitation
Task 6 Overview of a Red Team Engagement
Frage 1:
Click the „View Site“ button and follow the example engagement to get the flag
Antwort 1:
THM{RED_TEAM_ROCKS}
Task 7 Conclusion
Dieser Task enthält keine Fragen.