DEFENSE METHODOLOGIES
ELICITATION TACTICS
MALWARE
SECURITY IMPACTS
RED TEAM STRATEGIES
100

Involves implementing multiple security strategies to protect the same asset and to eliminate single points of failure.

What is defense-in-depth / layering?

100

Praising the target about something they did with the intention that they will elaborate on the subject.

What are compliments?

100

A type of software designed to take over or damage a computer without the user's knowledge or approval.

What is malware?

100

Occurs when an attacker performs a malicious act to make the network so busy that the system goes down.

What is availability loss/DoS?

100

The process of gathering information about an organization. 

What is reconnaissance?

200

The constant change in personal habits and passwords to prevent predictable behavior.

What is randomness?

200

Validating any feelings the target expresses, and sharing similar experiences (which may be real or fabricated), with the intention of building trust and leading the victim to share more information.

What is being a good listener?

200

Malware designed to execute only under predefined conditions.

What is a logic bomb?

200

Occurs when information or files are transferred from a computer without authorization.

What is data exfiltration?

200

Obtaining information by using software or utilities to find vulnerabilities in a system.

What is the technical approach?

300

Security measures should provide protection, but not be so complex that it is difficult to understand and use them.

What is simplicity?

300

Making statements with the wrong details while intending for the target to correct them and provide accurate information.

What is misinformation?

300

A group of zombie computers that are commanded from a central C2 infrastructure.

What is a botnet?

300

Occurs when confidential or protected data is exposed. It can be intentional or accidental.

What is a data breach?

300

Taking advantage of known vulnerabilities in software and systems.

What is exploitation?

400

Users or groups are given only the access they need to do their jobs and nothing more.

What is the principle of least privilege?

400

Making incorrect assertions and admitting to not knowing much about a subject, with the intention that the target will not only correct the attacker but also explain in detail why they are wrong.

What is feigning ignorance?

400

A program that is used legitimately, but has a Trojan attached to it.

What is a wrapper?

400

When information goes missing due to a virus or malware.

What is data loss?

400

The penetration of system defenses. It is often achieved by using information gathered from thorough reconnaissance.

What is a system breach?

500

Implementing multiple layers of the same defense does not provide adequate protection against attacks.

What is variety?

500

An elicitation technique where the attacker is mostly leading the conversation with questions and statements that will flow in the direction the attacker needs to obtain information.

What is interrogation?

500

One of the first viruses developed in 1987. It infected the master boot record of a hard drive and floppy disks.

What is Stoned?

500

Refers to an attacker accessing information to commit fraud. Examples include creating false credentials, opening new accounts in someone else's name, or using someone's existing accounts. 

What is identity theft?

500

An alternative method of accessing an application or operating system for troubleshooting.

What is a backdoor?