8 hours 39 minutes
Hello and congratulations on the successful completion of the commanding control phase of the minor attack framework discussions. So today we're going to just touch on a summary of what we should know now.
And what we should know is that command and control is where threat actors attempt to communicate with our systems and to control them,
that they mimic normal behavior to try and avoid detection. And then it can include methods such as connection proxies, data encoding and data office cation. We specifically looked at commonly used ports,
custom command and control protocol, and uncommonly use ports with a focus on threat actors trying to mimic normal activities while controlling our systems and using them either to do home to other individuals, businesses or systems, or in order to continue to
take information from our network
mitigation techniques, again focused on network intrusion prevention tactics as well as understanding our systems so that we can adequately baseline traffic and identify when threat actors are using our systems for evil. So with that, I want to thank you for your time today, and I look forward to seeing you again soon