Scribd Logo
Upload

Welcome to Scribd!

  • Interview

    Uploaded by

    Christoper John Lictaoa
    3 views2 pages

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as txt, pdf, or txt
    3 views2 pages

    Interview

    Uploaded by

    Christoper John Lictaoa

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as txt, pdf, or txt
    of 2

    Technology na gnagamit natin

    Cyberkillchain
    Vulnerability
    KPI, Monthly Reports etc.
    Interview and Training of New Hire
    ilan namanage mong tao as senior
    Analyzation ng alerts
    playbook namention ko rin na iniimprove natin by means of leveraging different
    frameworks like mitre attack and cyberkillchain
    paano ka maghabdle ng difficult person

    Cyber kill chain


    1. Reconnaissance: In this step, the attacker / intruder chooses their target. Then
    they conduct an in-depth research on this target to identify its vulnerabilities
    that can be exploited.

    2. Weaponization: In this step, the intruder creates a malware weapon like a virus,
    worm or such in order to exploit the vulnerabilities of the target. Depending on
    the target and the purpose of the attacker, this malware can exploit new,
    undetected vulnerabilities (also known as the zero-day exploits) or it can focus on
    a combination of different vulnerabilities.

    3. Delivery: This step involves transmitting the weapon to the target. The intruder
    / attacker can employ different methods like USB drives, e-mail attachments and
    websites for this purpose.

    4. Exploitation: In this step, the malware starts the action. The program code of
    the malware is triggered to exploit the target’s vulnerability/vulnerabilities.

    5. Installation: In this step, the malware installs an access point for the
    intruder / attacker. This access point is also known as the backdoor.

    6. Command and Control: The malware gives the intruder / attacker access in the
    network/system.

    7. Actions on Objective: Once the attacker / intruder gains persistent access, they
    finally take action to fullfil their purpose, such as encryption for ransom, data
    exfiltration or even data destruction.

    People, Process, Technology

    Symmetric and Assymetric encryption

    MITRE ATT&CK

    In-house SIEM(FSM)

    How do you handle difficult person?


    I deal with difficult person by having private discussion with the person.
    Make the atmosp

    Parsing and creation of rule (MS event ID, Firewall logs, EDR)
    Managing performance, metrics, development plans the team, rewarding performance.

    SOC Playbook
    KPI
    Analyzation of alerts

    We are the one who conducts interview, trainings, 3rd and 5th month review

    You might also like