https://tryhackme.com/room/opsec
Task 1 Introduction
Dieser Task enthält keine Fragen.
Task 2 Critical Information Identification
Frage 1:
Click on View Site and follow through till you get the flag.
Antwort 1:
THM{OPSEC_CRITICAL_INFO}
Task 3 Threat Analysis
Dieser Task enthält keine Fragen.
Task 4 Vulnerability Analysis
Frage 1:
Your red team uses THC-Hydra to find the password for a specific login page. Moreover, they are using the Metasploit framework on the same system as THC-Hydra. Would you consider this an OPSEC vulnerability? (Y/N)
Antwort 1:
y
Frage 2:
One of the red team members posts a photo of his cat every day. Would this be considered an OPSEC vulnerability? (Y/N)
Antwort 2:
n
Frage 3:
Your red team went for dinner, took a photo, and tagged every team member on a popular social media platform. Would you consider this an OPSEC vulnerability? (Y/N)
Antwort 3:
y
Frage 4:
Your red team posts on its website a list of clients you regularly conduct red team exercises with. Would you consider this an OPSEC vulnerability? (Y/N)
Antwort 4:
y
Frage 5:
One of your red team members posted a photo of her morning coffee. Would you consider this an OPSEC vulnerability? (Y/N)
Antwort 5:
n
Task 5 Risk Assessment
Frage 1:
Your red team uses THC-Hydra to find the password for a specific login page. Moreover, they are using the Metasploit framework on the same system as THC-Hydra. Knowing that your target uses a properly configured Intrusion Detection System (IDS), would you consider this vulnerability as high risk? (Y/N)
Antwort 1:
y
Task 6 Countermeasures
Dieser Task enthält keine Fragen.
Task 7 More Practical Examples
Frage 1:
Click on View Site and follow through till you get the flag.
Hier müssen wir der Reihe nach Fragen beantworten, indem wir die Aussagen in die richtige Reihenfolge bringen:
4 5 2 3 1
1 5 4 3 2
5 2 4 3 1
2 3 1 5 4
Antwort 1:
THM{OPSEC-RED-TEAM}
Task 8 Summary
Dieser Task enthält keine Fragen.