OSI Model
MITRE ATT&CK
VPNs
CVEs, NVD, OMG
100

This model, abbreviated OSI, refers to ways different computer systems exchange data across a network.

What is the Open Systems Interconnection Model?

100

This model, abbreviated ATT&CK, was founded by MITRE in 2013 and provides a framework for deconstructing & classifying stages of cyber attacks.

What is the Adversarial Tactics, Techniques, & Common Knowledge project?

100

This protocol suite is the most commonly used to create VPNs.

What is IPSec (Internet Protocol Security)?

100

This list, abbreviated CVE, is a list of records for publicly known cybersecurity vulnerabilities.

What is the Common Vulnerabilities and Exposures list?

200

This layer passes traffic using only MAC addresses.


What is layer 2?


200

The ATT&CK model is commonly compared to this model, developed by Lockheed Martin in 2011.

200

This protocol (ISAKMP) is used to establish Security Associations (SAs) in phase of of IPSec VPNs.

What is the Internet Security Association and Key Management Protocol?

200

This database, managed by NIST, is fed by the MITRE CVE list and provides more detailed information for vulnerabilities.

What is the National Vulnerability Database?

300

SSL evolved to provide security for this layer of the OSI model.

What is the transport layer (layer 4)?

300

The ATT&CK model is mostly concerned with defining these, aka TTPs, instead of a specific order of attack.

What are Tactics, Techniques, and Procedures?

300

This protocol (IKE) is used to pass PSKs between systems during phase one in an IPSec VPN setup.

What is the Internet Key Exchange protocol?

300

This scoring system, referenced by CVE and NVD, classifies vulnerabilities into low, medium, high, and critical ratings.

What is the CVSS (Common Vulnerability Scoring System)?

400

This layer, jokingly referred to as "layer 8," refers to IT issues created by users or management.

What is the  "user" or "political" layer?

400

This format, abbreviated STIX, is a language and serialization format used to exchange cyber threat intelligence.

What is the Structured Threat Information Expression? (https://oasis-open.github.io/cti-documentation/)

400

This protocol (ESP) provides confidentiality, integrity, and data-origin authentication within phase two.

What is the Encapsulating Security Protocol?

400

Vulnerabilities with a CVSS score of 4.0-6.9 are flagged with this severity level in both CVSS 2.0 and 3.0.

What is "Medium"?

500

The OSI model is often compared to this similar 4-layer model.

What is the TCP/IP model or Internet Protocol suite?

500

These three matrices of ATT&CK are similar in format, but provide customizations for each distinct category of devices.

What are the Enterprise, Mobile, and ICS matrices?

500

This task force formed the IP Security Working Group in 1992, which standardized IPSec as RFC1825.

What is the Internet Engineering Task Force?

500

This entity commonly reserves CVE numbers in blocks of 500 for future bugs discovered in its operating system.

Who is Red Hat?