MITRE ATT&CK Framework and Attack Stages

PreeminentIrony1103

12 Questions

What is the initial entry point for attackers in the described scenario?

Exploiting vulnerabilities in VPNs

Which Zscaler product's capabilities help prevent the initial compromise, the stage in which attackers establish a foothold through phishing?

ZIA capabilities

What technique might attackers use to deliver malware in the initial compromise stage?

Phishing with malicious email links

What follows privilege escalation in the attack progression described?

Lateral movement

Which Zscaler capability helps in stopping data loss in the described scenario?

Cloud DLP

What is the last stage in the ransomware attack progression described?

Demanding payment after installing ransomware

What are the four high-level stages of an attack described in the text?

Reconnaissance, Initial Access, Lateral Movement, Data Exfiltration

What is the purpose of the initial compromise stage in an attack?

To gain an initial foothold on the target system

What is the goal of the lateral movement stage in an attack?

To identify and compromise additional systems within the target network

Which technique, named alongside exploiting unsegmented networks, do attackers use to move laterally and find sensitive assets without bringing in custom tooling?

Living off the land

What is the purpose of the data exfiltration stage in an attack?

To steal sensitive data from the target system

What types of attacks can be mapped to the simplified framework described?

Any attack, including advanced supply chain attacks and ransomware

Study Notes

Stages of an Attack

  • Attackers look for exposed assets on the attack surface, such as public-facing servers, VPN endpoints and remote users.
  • The attackers execute their initial compromise using techniques like phishing, spear phishing, or malicious attachments and downloads.
  • Once they gain access to a target system, they aim to identify critical and sensitive data and assets.

Lateral Movement

  • Attackers move laterally to identify sensitive assets by using techniques like "living off the land" (abusing built-in administrative tools so the activity blends in with normal operations) or by exploiting unsegmented networks or exposed internal applications.
  • They can use techniques like keylogging, or malware delivered through malvertising, to steal credentials and work out what other sensitive assets exist and where they are.

Data Theft and Ransomware

  • Attackers steal data and may use it in a "double extortion" attack, where they encrypt the data in addition to exfiltrating it, so the victim is pressured both by the outage and by the threat of publication.
  • In the case of ransomware, attackers may demand payment after installing the ransomware and stealing data.
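As an added example (not material from the quiz author or from Zscaler), the following Python maps ATT&CK-style alerts onto the simplified stages above and reports how far an intrusion has progressed, including whether it shows the double-extortion pattern of exfiltration plus encryption. The technique and tactic IDs are real MITRE ATT&CK identifiers; the tactic-to-stage mapping, the alert log, the host names, the placeholder ID `T9999` and the function names are constructed for this example.

```python
"""Map ATT&CK-style alerts onto the simplified attack stages and flag how
far an intrusion has progressed.

Added example. Technique/tactic IDs are real MITRE ATT&CK identifiers; the
stage mapping, alert log and host names are constructed for illustration.
"""
from collections import OrderedDict

# The page's stages, in the order an intrusion reaches them. Privilege
# escalation and credential theft are folded into lateral movement, since
# the page treats them as the steps that enable it.
STAGES = ["recon", "initial_access", "lateral_movement", "exfiltration", "impact"]

# ATT&CK tactic -> simplified stage (mapping chosen for this example).
TACTIC_TO_STAGE = {
    "TA0043": "recon",             # Reconnaissance: probing the attack surface
    "TA0001": "initial_access",    # Initial Access: phishing, exposed VPN/app
    "TA0004": "lateral_movement",  # Privilege Escalation
    "TA0006": "lateral_movement",  # Credential Access: keylogging etc.
    "TA0008": "lateral_movement",  # Lateral Movement
    "TA0010": "exfiltration",      # Exfiltration: data theft
    "TA0040": "impact",            # Impact: ransomware encryption
}

# Technique -> primary tactic for the techniques used in the sample alerts.
TECHNIQUE_TO_TACTIC = {
    "T1595": "TA0043",  # Active Scanning
    "T1133": "TA0001",  # External Remote Services (e.g. exposed VPN)
    "T1566": "TA0001",  # Phishing
    "T1068": "TA0004",  # Exploitation for Privilege Escalation
    "T1056": "TA0006",  # Input Capture (keylogging)
    "T1021": "TA0008",  # Remote Services (living off the land over SMB/RDP)
    "T1048": "TA0010",  # Exfiltration Over Alternative Protocol
    "T1486": "TA0040",  # Data Encrypted for Impact
}


def stage_for(technique_id):
    """Simplified stage for a technique ID; sub-techniques (T1566.002) fall
    back to their parent. Unmapped IDs return 'unknown' rather than raising,
    so one odd alert cannot break the whole assessment."""
    parent = technique_id.split(".")[0]
    return TACTIC_TO_STAGE.get(TECHNIQUE_TO_TACTIC.get(parent), "unknown")


def timeline(alerts):
    """First observation of each stage, in time order.
    alerts: iterable of (iso_timestamp, host, technique_id), any order."""
    first_seen = OrderedDict()
    for ts, host, tech in sorted(alerts):
        first_seen.setdefault(stage_for(tech), (ts, host, tech))
    return first_seen


def assess(alerts):
    """Summarise how far the intrusion got, where it entered, where it
    spread, and whether it shows double extortion (exfiltration + impact)."""
    seen = timeline(alerts)
    reached = [s for s in STAGES if s in seen]
    entry_host = seen["initial_access"][1] if "initial_access" in seen else None
    post_entry = {host for _, host, tech in alerts
                  if stage_for(tech) in ("lateral_movement", "exfiltration", "impact")}
    return {
        "reached": reached,
        "furthest": reached[-1] if reached else None,
        "entry_host": entry_host,
        "spread_to": sorted(post_entry - {entry_host}),
        "double_extortion": {"exfiltration", "impact"} <= set(reached),
        "unknown_techniques": sorted({t for _, _, t in alerts if stage_for(t) == "unknown"}),
    }


# Constructed alert log following the scenario on this page: scan of the VPN
# gateway, phishing click on a workstation, escalation, credential capture,
# SMB hop to a file server, bulk exfiltration, then encryption.
SAMPLE_ALERTS = [
    ("2024-05-01T08:02:00Z", "vpn-gw", "T1595"),      # scan of the VPN gateway
    ("2024-05-01T09:15:00Z", "ws-042", "T1566.002"),  # spearphishing link clicked
    ("2024-05-01T09:40:00Z", "ws-042", "T1068"),      # local privilege escalation
    ("2024-05-01T10:05:00Z", "ws-042", "T1056.001"),  # keylogger captures admin creds
    ("2024-05-01T11:30:00Z", "fs-01", "T1021.002"),   # SMB admin share from ws-042
    ("2024-05-02T01:10:00Z", "fs-01", "T1048.003"),   # bulk data sent out over HTTP
    ("2024-05-02T02:00:00Z", "fs-01", "T1486"),       # files encrypted, ransom note
    ("2024-05-02T02:05:00Z", "fs-01", "T9999"),       # made-up ID: must not crash
]

if __name__ == "__main__":
    for key, value in assess(SAMPLE_ALERTS).items():
        print(f"{key:>20}: {value}")
```

Run as a script it prints the stage summary for the constructed log: every stage reached, entry on `ws-042`, spread to `fs-01`, double extortion flagged, and `T9999` listed as unmapped instead of aborting the run. Dropping the `T1486` alert leaves the incident at the exfiltration stage with the double-extortion flag cleared, which is the distinction a responder wants before deciding whether restoration from backup is enough.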

Zscaler Products Against Attacks

  • Zscaler products can stop attacks at different stages, including:
    • ZPA (Zscaler Private Access) for attack surface and lateral movement.
    • ZIA (Zscaler Internet Access) for initial compromise, with capabilities like secure web gateway, IPS, Cloud Sandbox, and Cloud Browser Isolation.
    • Data protection capabilities like cloud DLP, cloud CASB, and Workload protection for stopping data loss.
    • Deception capabilities (decoy assets that legitimate users have no reason to touch) to detect and disrupt lateral movement.

Learn about a simplified four-stage view of an attack that maps onto the tactics of the MITRE ATT&CK framework. Understand how attackers identify the attack surface, execute their initial compromise, escalate privileges and move laterally, and achieve their objectives of data theft or ransomware.
