Welcome to Module 1, Lesson 6: Data Sources and Detections.
In this lesson, we will define and explore what ATT&CK data sources and detections are,
appreciate the relationship between these data sources and detections,
and finally identify how these data sources and detections are applied to techniques and sub-techniques.
As you recall from Lesson 4, ATT&CK techniques and sub-techniques have a wealth of metadata.
And in this lesson we will explore how data sources and detections can be used by defenders to identify adversary behaviors.
ATT&CK defines data sources as sources of information collected by sensors or logging systems that we can use to identify adversary behaviors.
You can think of this as where to collect data
as inputs to the detection process.
Detections build on this idea of information collected from data sources and provide the high-level analytic processes or detection strategies that we can use to identify these adversary behaviors.
You can think of this as how to interpret the data collected from data sources.
For any given technique or sub-technique, you'll see a listing of data sources as well as a section towards the bottom describing a detection strategy.
You'll also notice that there's a parallel between the sources of data as well as how to interpret that data.
And with that, we turn to the knowledge check for Lesson 6.
ATT&CK data sources tell us:
Please take a moment
and select the correct answer before proceeding.
In this case, the correct answer is C: ATT&CK data sources tell us what data we should collect via sensors or logs for a given adversary technique or sub-technique.
In summary, ATT&CK data sources tell us what data to collect, while detections tell us how to analyze that collected data.
And finally, ATT&CK data sources and detections are applied specific to each technique or sub-technique.