4.05 Security Assignment: MITRE ATT&CK Training Module Exercises
For this week you will need to complete the MITRE ATT&CK training module exercises that were part of the multimedia section’s video, Using ATT&CK for CTI Training | MITRE ATT&CK®.
Go to this website for the modules.
You need to complete and turn in the following exercises from the training in order to get credit for this assignment:
1. Module 2
a. Cybereason Cobalt Kitty Report: Highlights Only
b. FireEye APT39 Report: Highlights Only
2. Module 3
a. Ticket 473822
b. Ticket 473845
3. Module 4
a. Comparing Layers in Navigator
b. APT39 and Cobalt Kitty techniques
4. Module 5
a. Guided Exercises
b. Unguided Exercise
4.02 Reading and Multimedia
This week’s reading covers the history and processes that went into the development of MITRE ATT&CK, what it is currently used for, and why. Consider this question as you read the materials: what does it help you do as a network defender?
• Getting Started with ATT&CK eBook (1 hr 10 min)
o This book is a compilation of information on MITRE ATT&CK, taking into account the multiple blogs and posts that have been created outlining the framework and its uses and purpose. This will give you a greater understanding of ATT&CK’s purpose and uses.
• MITRE ATT&CK®: Design and Philosophy (1 hr 20 min)
o This white paper discusses the motivation behind the creation of ATT&CK and the components described within it. This is an authoritative source of information about ATT&CK, and it will help you understand how it is maintained and applied as a cybersecurity tool.
ATT&CK for CTI Training Video Set
• The following set of videos is the actual training that is provided by MITRE. For these videos, you need to watch and then do the different activities and labs associated with each of the Modules. Modules 2-5 have exercises that are included. You will need to turn these in for this week’s security assignment. Refer to 4.05 Security Assignment: MITRE ATT&CK Training Module Exercises for submission details.
o Go to the ATT&CK for CTI Training | MITRE ATT&CK® website.
o Complete the following MITRE ATT&CK training. The modules are provided free from MITRE’s website.
Module 1: Introducing training and understanding ATT&CK Video (18 min)
Module 2: Mapping to ATT&CK from finished reporting Video (28 min)
Module 3: Mapping to ATT&CK from raw data Video (21 min)
Module 4: Storing and Analyzing ATT&CK-Mapped Data (23 min)
Module 5: Making Defensive Recommendations from ATT&CK-Mapped Data (24 min)
MITRE ATT&CK® for ICS Live Demonstration Video
This video gives a live example of implementing the MITRE ATT&CK for ICS framework and shows how it can be used to help protect OT networks.