Reference no: EM133690710
Problem
Part I
The MITRE ATT&CK model is based on real-world observations of cyber security incidents and contains many tactics and techniques. Some of these techniques are further subdivided into sub-techniques. The Phishing technique under initial Access contains four sub-techniques, one of which is T1566.003 (Spearphishing via Service).
Search or browse the MITRE ATT&CK site for sub-technique T1566.003 (Spearphishing via Service), then use the information on that site to:
A. Summarise the sub-technique;
B. Choose one user from the Procedure Examples section:
1. Briefly outline the known or presumed identity of that user;
2. Give an example of how that user specifically employed T1566.003, and;
3. Provide a reference to an external source of information giving more details of your chosen example.
This part can be answered using information on the MITRE ATT&CK site as well as the module texts.
Part II
A. Briefly describe the weakness in 'multi-step' authentication.
B. Briefly describe the type of victims that could be targeted by Advanced Persistent Threats (APT). Justify your answer.
C. How is Auditing useful in improving security of an organization?