Module 4 Summary

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or
Sign up with Google
Sign up with Apple
Sign up with Microsoft
View all SSO options

Already have an account? Sign In »

Application of the MITRE ATT&CK Framework
Course
Time
8 hours 29 minutes
Difficulty
Beginner
CEU/CPE
10
Video Transcription
00:00
Hello and congratulations on the successful completion of the persistence module of the application of the minor attack framework discussions. So what should we know at this point? Well, we looked at accessibility features, and within that we discussed what that was
00:20
common attack methods. We talked about sticky keys on RTP,
00:24
some mitigation techniques and some detection techniques. We then stepped into boot kits. We describe what those were, how they could be used and again looking at mitigation and detection techniques. We then went through browser extensions, talking about the
00:39
threat actors that took advantage of the Google chrome extensions to steal. Use your information.
00:45
We looked at browser extension as far as what then is defined as, and that it is not limited to just Google chrome, but could be in any browser that allows for the installation of extensions. We then talked about component from where and how it was different in system firmware, and then it involves the
01:03
firmware of components attached
01:04
to the system. Now, within this particular review, we noted that mitigation techniques are quite difficult and training would need to be pretty particular Is far spike forensic level training to potentially detect manipulation of this firmware and of these components.
01:23
We then got into account creation or create account as a persistent mechanism. This is where a threat actor again creates an account in order to pose as a legitimate user or something that would not maybe be out of place if we were viewing that. Typically,
01:40
threat actors create accounts to avoid
01:42
detection mechanisms and Anna virus that may pick up malware and things of that nature that they would use to install backdoors, Trojan, anything of that nature.
01:53
And then we talked about hooking, which is essentially process hooking, and we looked at how that could be used some mitigation techniques and detection techniques as well. We then got into new service where a threat actor came creating new service or inject themselves into a service
02:09
that could allow them to get system level privilege. We talked about mitigation and detection techniques here as well.
02:16
Now I hope you enjoyed the case study. I hope you found it to be a value, and I want to congratulate you again, and I look forward to seeing you again soon.
Up Next
View All
Instructed By
Robert Smith

Robert Smith

Director of Security Services at Corsica

Instructor
Similar Content
Become an Incident Handler
Career Path
Become an Incident Handler
In this Career Path, you will learn the incident response process, from building an incident ...
Information Security Fundamentals
Career Path
Information Security Fundamentals
The foundational networking and security concepts taught in this career path form the backbone of ...
MITRE ATT&CK Defender™ (MAD) ATT&CK® SOC Assessments Certification Training
Course
MITRE ATT&CK Defender™ (MAD) ATT&CK® SOC Assessments Certification Training
5
Do you know how to leverage the MITRE ATT&CK® framework to conduct Security Operations Center ...
2CEUs