From 1e7425a8fffa428aa8813ed09a36202498891ddd Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Wed, 15 Sep 2021 13:37:53 +0200 Subject: [PATCH 01/11] chg: [interactive-cyber-training-*] jq all the things --- .../machinetag.json | 248 +++++++++--------- .../machinetag.json | 248 +++++++++--------- .../machinetag.json | 192 -------------- .../machinetag.json | 157 ----------- 4 files changed, 250 insertions(+), 595 deletions(-) diff --git a/interactive-cyber-training-audience/machinetag.json b/interactive-cyber-training-audience/machinetag.json index c26bd3a..4ec5e76 100644 --- a/interactive-cyber-training-audience/machinetag.json +++ b/interactive-cyber-training-audience/machinetag.json @@ -2,7 +2,9 @@ "namespace": "interactive-cyber-training-audience", "description": "Describes the target of cyber training and education.", "version": 1, - "refs": ["https://arxiv.org/abs/2101.05538"], + "refs": [ + "https://arxiv.org/abs/2101.05538" + ], "expanded": "Interactive Cyber Training - Audience", "predicates": [ { @@ -25,127 +27,127 @@ "expanded": "Target Audience", "description": "Target audience describes the audience, which is targeted by the training." } - ], - "values": [ - { - "predicate": "sector", - "entry": [ - { - "value": "academic-school", - "expanded": "Academic - School", - "description": "The focus is on the principles underlying cybersecurity, ranging from theoretical to applied, at school level." - }, - { - "value": "academic-university", - "expanded": "Academic - University", - "description": "The focus is on the principles underlying cybersecurity, ranging from theoretical to applied, at university level." - }, - { - "value": "public-government", - "expanded": "Public - Government", - "description": "In public sector such as government, Cybersecurity is seen as tool to protect the public interest. Hence, it emphasizes on developing policies and systems to implement laws and regulations." - }, - { - "value": "public-authorities", - "expanded": "Public - Authorities", - "description": "In public sector such as authorities, Cybersecurity is seen as tool to protect the public interest. Hence, it emphasizes on developing policies and systems to implement laws and regulations." - }, - { - "value": "public-ngo", - "expanded": "Public - NGO", - "description": "In public sector such as NGO, Cybersecurity is seen as tool to protect the public interest. Hence, it emphasizes on developing policies and systems to implement laws and regulations." - }, - { - "value": "public-military", - "expanded": "Public - Military", - "description": "In public sector such as military sector, Cybersecurity is seen as tool to protect the public interest. Hence, it emphasizes on developing policies and systems to implement laws and regulations." - }, - { - "value": "private", - "expanded": "Private", - "description": "The private sector and industry focuses more on protecting its investments. The effectiveness of security mechanisms and people are more important than principles they embody." - } - ] - }, - { - "predicate": "purpose", - "entry": [ - { - "value": "awareness", - "expanded": "Awareness", - "description": "This training should be used to raise the awareness in multiple and different security threats." - }, - { - "value": "skills", - "expanded": "Skills", - "description": "This training should be used to recognize the different skill levels of the participants so that can they be improved in a targeted manner." - }, - { - "value": "collaboration", - "expanded": "Collaboration", - "description": "This training should be used to improve the cooperation within a team or beyond." - }, - { - "value": "communication", - "expanded": "Communication", - "description": "This training should be used to increase the efficiency of internal and external communication in case of an incident." - }, - { - "value": "leadership", - "expanded": "Leadership", - "description": "This training should be used to improve the management and coordination of the responsible entities." - } - ] - }, - { - "predicate": "proficiency-level", - "entry": [ - { - "value": "beginner", - "expanded": "Beginner", - "description": "The lowest level. Beginner are limited in abilities and knowledge. They have the possibility to use foundational conceptual and procedural knowledge in a controlled and limited environment. Beginners cannot solve critical tasks and need significant supervision. They are able to perform daily processing tasks. The focus is on learning." - }, - { - "value": "professional", - "expanded": "Professional", - "description": "The mid level. Professionals have deeper knowledge and understanding in specific sectors. For these sectors they are able to complete tasks as requested. Sometimes supervision is needed but usually they perform independently. The focus is on enhancing and applying existing knowledge." - }, - { - "value": "expert", - "expanded": "Expert", - "description": "The highest level. Experts have deeper knowledge and understanding in different sectors. They complete tasks self-dependent and have the possibilities to achieve goals in the most effective and efficient way. Experts have comprehensive understanding and abilities to lead and train others. The focus is on strategic action." - } - ] - }, - { - "predicate": "target-audience", - "entry": [ - { - "value": "student-trainee", - "expanded": "Student/Trainee", - "description": "Student and trainees have little to none practical knowledge. Training can be used for students and trainees, to enhance their knowledge and to practice theoretical courses." - }, - { - "value": "it-user", - "expanded": "IT User", - "description": "IT users use the IT but have little to none knowledge about IT security. Users can get trained to understand principles of IT security and to grow awareness." - }, - { - "value": "it-professional", - "expanded": "IT Professional", - "description": "Professionals have little to medium knowledge about IT security. Their professional focus is in specific sectors, therefore, they receive IT security knowledge for their sectors." - }, - { - "value": "it-specialist", - "expanded": "IT Specialist", - "description": "Specialists already have a comprehensive knowledge in IT security. Therefore, the training is focussed on specific aspects." - }, - { - "value": "management", - "expanded": "Management", - "description": "Management has little knowledge about IT security, but a broad overview. By the training, management can understand changed settings better." - } - ] - } + ], + "values": [ + { + "predicate": "sector", + "entry": [ + { + "value": "academic-school", + "expanded": "Academic - School", + "description": "The focus is on the principles underlying cybersecurity, ranging from theoretical to applied, at school level." + }, + { + "value": "academic-university", + "expanded": "Academic - University", + "description": "The focus is on the principles underlying cybersecurity, ranging from theoretical to applied, at university level." + }, + { + "value": "public-government", + "expanded": "Public - Government", + "description": "In public sector such as government, Cybersecurity is seen as tool to protect the public interest. Hence, it emphasizes on developing policies and systems to implement laws and regulations." + }, + { + "value": "public-authorities", + "expanded": "Public - Authorities", + "description": "In public sector such as authorities, Cybersecurity is seen as tool to protect the public interest. Hence, it emphasizes on developing policies and systems to implement laws and regulations." + }, + { + "value": "public-ngo", + "expanded": "Public - NGO", + "description": "In public sector such as NGO, Cybersecurity is seen as tool to protect the public interest. Hence, it emphasizes on developing policies and systems to implement laws and regulations." + }, + { + "value": "public-military", + "expanded": "Public - Military", + "description": "In public sector such as military sector, Cybersecurity is seen as tool to protect the public interest. Hence, it emphasizes on developing policies and systems to implement laws and regulations." + }, + { + "value": "private", + "expanded": "Private", + "description": "The private sector and industry focuses more on protecting its investments. The effectiveness of security mechanisms and people are more important than principles they embody." + } + ] + }, + { + "predicate": "purpose", + "entry": [ + { + "value": "awareness", + "expanded": "Awareness", + "description": "This training should be used to raise the awareness in multiple and different security threats." + }, + { + "value": "skills", + "expanded": "Skills", + "description": "This training should be used to recognize the different skill levels of the participants so that can they be improved in a targeted manner." + }, + { + "value": "collaboration", + "expanded": "Collaboration", + "description": "This training should be used to improve the cooperation within a team or beyond." + }, + { + "value": "communication", + "expanded": "Communication", + "description": "This training should be used to increase the efficiency of internal and external communication in case of an incident." + }, + { + "value": "leadership", + "expanded": "Leadership", + "description": "This training should be used to improve the management and coordination of the responsible entities." + } + ] + }, + { + "predicate": "proficiency-level", + "entry": [ + { + "value": "beginner", + "expanded": "Beginner", + "description": "The lowest level. Beginner are limited in abilities and knowledge. They have the possibility to use foundational conceptual and procedural knowledge in a controlled and limited environment. Beginners cannot solve critical tasks and need significant supervision. They are able to perform daily processing tasks. The focus is on learning." + }, + { + "value": "professional", + "expanded": "Professional", + "description": "The mid level. Professionals have deeper knowledge and understanding in specific sectors. For these sectors they are able to complete tasks as requested. Sometimes supervision is needed but usually they perform independently. The focus is on enhancing and applying existing knowledge." + }, + { + "value": "expert", + "expanded": "Expert", + "description": "The highest level. Experts have deeper knowledge and understanding in different sectors. They complete tasks self-dependent and have the possibilities to achieve goals in the most effective and efficient way. Experts have comprehensive understanding and abilities to lead and train others. The focus is on strategic action." + } + ] + }, + { + "predicate": "target-audience", + "entry": [ + { + "value": "student-trainee", + "expanded": "Student/Trainee", + "description": "Student and trainees have little to none practical knowledge. Training can be used for students and trainees, to enhance their knowledge and to practice theoretical courses." + }, + { + "value": "it-user", + "expanded": "IT User", + "description": "IT users use the IT but have little to none knowledge about IT security. Users can get trained to understand principles of IT security and to grow awareness." + }, + { + "value": "it-professional", + "expanded": "IT Professional", + "description": "Professionals have little to medium knowledge about IT security. Their professional focus is in specific sectors, therefore, they receive IT security knowledge for their sectors." + }, + { + "value": "it-specialist", + "expanded": "IT Specialist", + "description": "Specialists already have a comprehensive knowledge in IT security. Therefore, the training is focussed on specific aspects." + }, + { + "value": "management", + "expanded": "Management", + "description": "Management has little knowledge about IT security, but a broad overview. By the training, management can understand changed settings better." + } + ] + } ] } diff --git a/interactive-cyber-training-technical-setup/machinetag.json b/interactive-cyber-training-technical-setup/machinetag.json index 58174cd..7826b7d 100644 --- a/interactive-cyber-training-technical-setup/machinetag.json +++ b/interactive-cyber-training-technical-setup/machinetag.json @@ -2,130 +2,132 @@ "namespace": "interactive-cyber-training-technical-setup", "description": "The technical setup consists of environment structure, deployment, and orchestration.", "version": 1, - "refs": ["https://arxiv.org/abs/2101.05538"], + "refs": [ + "https://arxiv.org/abs/2101.05538" + ], "expanded": "Interactive Cyber Training - Technical Setup", "predicates": [ - { - "value": "environment-structure", - "expanded": "Environment Structure", - "description": "The environment structure refers to the basic characteristic of the event." - }, - { - "value": "deployment", - "expanded": "Deployment", - "description": "The environment of cyber training can either be deployed on premise or on cloud infrastructures" - }, - { - "value": "orchestration", - "expanded": "Orchestration", - "description": "The composition of parts and components of a pool of tasks. The goal is to setup a holistic scenario and integrate cyber training session. Furthermore, it includes a declarative description of the overall process in the form of a composite and harmonic collaboration." - } - ], - "values": [ - { - "predicate": "environment-structure", - "entry": [ - { - "value": "tabletop-style", - "expanded": "Tabletop Style", - "description": "A session that involves the movement of counters or other objects round a board or on a flat surface" - }, - { - "value": "online-collaboration-platform", - "expanded": "Online Platform - Collaboration Platform", - "description": "The environment allows organizations to incorporate real-time communication capabilities and providing remote access to other systems. This includes the exchange of files and messages in text, audio, and video formats between different computers or users." - }, - { - "value": "online-e-learning-platform", - "expanded": "Online Platform - E-Learning Platform", - "description": "A software application for the administration, documentation, tracking, reporting, and delivery of educational courses, training programs, or learning and development programs." - }, - { - "value": "hosting", - "expanded": "Hosting", - "description": "A cyber training based on single hosts uses primarily a personal computer to providing tasks and challenges for a user. It allows a direct interaction with the systems." - }, - { - "value": "simulated-network-infrastructure", - "expanded": "Network Infrastruture - Simulated", - "description": "Dependent of the realization type, a network-based environment consists of servers and clients, which are connected to each other in a local area network (LAN) or wide area network (WAN). A simulation copies the network components from the real world into a virtual environment. It provides an idea about how something works. It simulates the basic behavior but does not necessarily abide to all the rules of the real systems." - }, - { - "value": "emulated-network-infrastructure", - "expanded": "Network Infrastruture - Emulated", - "description": "Dependent of the realization type, a network-based environment consists of servers and clients, which are connected to each other in a local area network (LAN) or wide area network (WAN). An emulator duplicates things exactly as they exist in real life. The emulation is effectively a complete imitation of the real thing. It operates in a virtual environment instead of the real world." - }, - { - "value": "real-network-infrastructure", - "expanded": "Network Infrastruture - Real", - "description": "Dependent of the realization type, a network-based environment consists of servers and clients, which are connected to each other in a local area network (LAN) or wide area network (WAN). In a real network infrastructure, physical components are used to connect the systems and to setup a scenario." - } - ] - }, - { - "predicate": "deployment", - "entry": [ - { - "value": "physical-on-premise", - "expanded": "On Premise - Physical", - "description": "The environment for the training run on physical machines. The data is stored locally and not on cloud; nor is a third party involved. The advantages of on premise solutions are the physical accessibility, which makes it possible to use the complete range of cyber challenges." - }, - { - "value": "virtual-on-premise", - "expanded": "On Premise - Virtual", - "description": "The environment for the training run virtual machines. The data is stored locally and not on cloud; nor is a third party involved. The benefit of virtual machines is the maximum of configurability. The advantages of on premise solutions are the physical accessibility, which makes it possible to use the complete range of cyber challenges." - }, - { - "value": "cloud", - "expanded": "Cloud", - "description": "Training setup deployed in the cloud has on-demand availability of computer system resources, especially data storage and computing power, without direct active management by the user. In contrast to on premise setups, cloud solutions are rapid elastic on request. So the training can be adapted flexible on a large amount of users and is easily usable world wide." - } - ] - }, - { - "predicate": "orchestration", - "entry": [ - { - "value": "none-automation", - "expanded": "None Automation", - "description": "Specifies the automation of processes and the amount of human interaction with the system to maintain and administrate, especially for repetitive exercise; Here none automation is present." - }, - { - "value": "partially-automation", - "expanded": "Partially Automation", - "description": "Specifies the automation of processes and the amount of human interaction with the system to maintain and administrate, especially for repetitive exercise; Here partially automated." - }, - { - "value": "complete-automation", - "expanded": "Complete Automation", - "description": "Specifies the automation of processes and the amount of human interaction with the system to maintain and administrate, especially for repetitive exercise; Here full-automated." - }, - { - "value": "portability-miscellaneous", - "expanded": "Portability - Miscellaneous", - "description": "Miscellaneous approaches are used to ensure the possibility to exchange data, challenges, or entire scenarios to other environments or locations." - }, - { - "value": "portability-exchangenable-format", - "expanded": "Portability - Exchangenable Format", - "description": "Common data format (YALM, XML, JSON, ...) is used to ensure the possibility to exchange data, challenges, or entire scenarios to other environments or locations." - }, - { - "value": "maintainability-modifiability", - "expanded": "Maintability - Modifiability", - "description": "Maintainability represents effectiveness and efficiency with which a session can be modified or adapted to changes." - }, - { - "value": "maintainability-modularity", - "expanded": "Maintability - Modularity", - "description": "A modular concept has advantages in reusability and combinability." - }, - { - "value": "compatibility", - "expanded": "Compatibility", - "description": "The Compatibility deals with the technical interaction possibilities via interfaces to other applications, data, and protocols." - } - ] - } + { + "value": "environment-structure", + "expanded": "Environment Structure", + "description": "The environment structure refers to the basic characteristic of the event." + }, + { + "value": "deployment", + "expanded": "Deployment", + "description": "The environment of cyber training can either be deployed on premise or on cloud infrastructures" + }, + { + "value": "orchestration", + "expanded": "Orchestration", + "description": "The composition of parts and components of a pool of tasks. The goal is to setup a holistic scenario and integrate cyber training session. Furthermore, it includes a declarative description of the overall process in the form of a composite and harmonic collaboration." + } + ], + "values": [ + { + "predicate": "environment-structure", + "entry": [ + { + "value": "tabletop-style", + "expanded": "Tabletop Style", + "description": "A session that involves the movement of counters or other objects round a board or on a flat surface" + }, + { + "value": "online-collaboration-platform", + "expanded": "Online Platform - Collaboration Platform", + "description": "The environment allows organizations to incorporate real-time communication capabilities and providing remote access to other systems. This includes the exchange of files and messages in text, audio, and video formats between different computers or users." + }, + { + "value": "online-e-learning-platform", + "expanded": "Online Platform - E-Learning Platform", + "description": "A software application for the administration, documentation, tracking, reporting, and delivery of educational courses, training programs, or learning and development programs." + }, + { + "value": "hosting", + "expanded": "Hosting", + "description": "A cyber training based on single hosts uses primarily a personal computer to providing tasks and challenges for a user. It allows a direct interaction with the systems." + }, + { + "value": "simulated-network-infrastructure", + "expanded": "Network Infrastruture - Simulated", + "description": "Dependent of the realization type, a network-based environment consists of servers and clients, which are connected to each other in a local area network (LAN) or wide area network (WAN). A simulation copies the network components from the real world into a virtual environment. It provides an idea about how something works. It simulates the basic behavior but does not necessarily abide to all the rules of the real systems." + }, + { + "value": "emulated-network-infrastructure", + "expanded": "Network Infrastruture - Emulated", + "description": "Dependent of the realization type, a network-based environment consists of servers and clients, which are connected to each other in a local area network (LAN) or wide area network (WAN). An emulator duplicates things exactly as they exist in real life. The emulation is effectively a complete imitation of the real thing. It operates in a virtual environment instead of the real world." + }, + { + "value": "real-network-infrastructure", + "expanded": "Network Infrastruture - Real", + "description": "Dependent of the realization type, a network-based environment consists of servers and clients, which are connected to each other in a local area network (LAN) or wide area network (WAN). In a real network infrastructure, physical components are used to connect the systems and to setup a scenario." + } + ] + }, + { + "predicate": "deployment", + "entry": [ + { + "value": "physical-on-premise", + "expanded": "On Premise - Physical", + "description": "The environment for the training run on physical machines. The data is stored locally and not on cloud; nor is a third party involved. The advantages of on premise solutions are the physical accessibility, which makes it possible to use the complete range of cyber challenges." + }, + { + "value": "virtual-on-premise", + "expanded": "On Premise - Virtual", + "description": "The environment for the training run virtual machines. The data is stored locally and not on cloud; nor is a third party involved. The benefit of virtual machines is the maximum of configurability. The advantages of on premise solutions are the physical accessibility, which makes it possible to use the complete range of cyber challenges." + }, + { + "value": "cloud", + "expanded": "Cloud", + "description": "Training setup deployed in the cloud has on-demand availability of computer system resources, especially data storage and computing power, without direct active management by the user. In contrast to on premise setups, cloud solutions are rapid elastic on request. So the training can be adapted flexible on a large amount of users and is easily usable world wide." + } + ] + }, + { + "predicate": "orchestration", + "entry": [ + { + "value": "none-automation", + "expanded": "None Automation", + "description": "Specifies the automation of processes and the amount of human interaction with the system to maintain and administrate, especially for repetitive exercise; Here none automation is present." + }, + { + "value": "partially-automation", + "expanded": "Partially Automation", + "description": "Specifies the automation of processes and the amount of human interaction with the system to maintain and administrate, especially for repetitive exercise; Here partially automated." + }, + { + "value": "complete-automation", + "expanded": "Complete Automation", + "description": "Specifies the automation of processes and the amount of human interaction with the system to maintain and administrate, especially for repetitive exercise; Here full-automated." + }, + { + "value": "portability-miscellaneous", + "expanded": "Portability - Miscellaneous", + "description": "Miscellaneous approaches are used to ensure the possibility to exchange data, challenges, or entire scenarios to other environments or locations." + }, + { + "value": "portability-exchangenable-format", + "expanded": "Portability - Exchangenable Format", + "description": "Common data format (YALM, XML, JSON, ...) is used to ensure the possibility to exchange data, challenges, or entire scenarios to other environments or locations." + }, + { + "value": "maintainability-modifiability", + "expanded": "Maintability - Modifiability", + "description": "Maintainability represents effectiveness and efficiency with which a session can be modified or adapted to changes." + }, + { + "value": "maintainability-modularity", + "expanded": "Maintability - Modularity", + "description": "A modular concept has advantages in reusability and combinability." + }, + { + "value": "compatibility", + "expanded": "Compatibility", + "description": "The Compatibility deals with the technical interaction possibilities via interfaces to other applications, data, and protocols." + } + ] + } ] } diff --git a/interactive-cyber-training-training-environment/machinetag.json b/interactive-cyber-training-training-environment/machinetag.json index 68ce0cb..e69de29 100644 --- a/interactive-cyber-training-training-environment/machinetag.json +++ b/interactive-cyber-training-training-environment/machinetag.json @@ -1,192 +0,0 @@ -{ - "namespace": "interactive-cyber-training-training-environment", - "description": "The training environment details the environment around the training, consisting of training type and scenario.", - "version": 1, - "refs": ["https://arxiv.org/abs/2101.05538"], - "expanded": "Interactive Cyber Training - Training Environment", - "predicates": [ - { - "value": "training-type", - "expanded": "Training Type", - "description": "Education in cybersecurity follows different approaches. The level of interaction and hands-on experience distinguishes different types of training." - }, - { - "value": "scenario", - "expanded": "Scenario", - "description": "The scenario is a main component of cybersecurity training. Scenarios are needed to reach the goal of the training." - }x - ], - "values": [ - { - "predicate": "training-type", - "entry": [ - { - "value": "tabletop-game-speech", - "expanded": "Tabletop Game - Speech", - "description": "Table Top training -here based on speech-only- are a lightweight, but intellectually intense exercise. In this setting, the involved teams or participants focus on opposing missions. On a theoretical basis, the teams develop different strategies and countermeasures to explore the offensive cyber effects on operations." - }, - { - "value": "tabletop-game-text", - "expanded": "Tabletop Game - text", - "description": "Table Top training -here based on text-only- are a lightweight, but intellectually intense exercise. In this setting, the involved teams or participants focus on opposing missions. On a theoretical basis, the teams develop different strategies and countermeasures to explore the offensive cyber effects on operations." - }, - { - "value": "tabletop-game-multimedia", - "expanded": "Tabletop Game - Multimedia", - "description": "Table Top training -here based on multimedia- are a lightweight, but intellectually intense exercise. In this setting, the involved teams or participants focus on opposing missions. On a theoretical basis, the teams develop different strategies and countermeasures to explore the offensive cyber effects on operations." - }, - { - "value": "capture-the-flag-quiz", - "expanded": "Capture the Flag - Quiz", - "description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as a quiz." - }, - { - "value": "capture-the-flag-jeopardy", - "expanded": "Capture the Flag - Jeopardy", - "description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as jeopardy." - }, - { - "value": "capture-the-flag-attack", - "expanded": "Capture the Flag - Attack", - "description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as an attack-only scenario." - }, - { - "value": "capture-the-flag-defence", - "expanded": "Capture the Flag - Defence", - "description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as an defence-only scenario." - }, - { - "value": "capture-the-flag-attack-defence", - "expanded": "Capture the Flag - Attack-Defence", - "description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as an attack-defence scenario." - }, - { - "value": "cyber-training-range-classroom-practice", - "expanded": "Cyber Training Range - Classroom Practice", - "description": "A cyber range provides an environment to practice network operation skills. It should represent real-world scenarios and offer isolation from other networks to contain malicious activity. In this training type, complex attacks take place in a simulated environment. The participants perform divers educational hands-on activities according to their role. In these trainings the roles that are not covered by participants are simulated or covered by the instructors. Trainings can be classroom practice." - }, - { - "value": "cyber-training-range-single-team-training", - "expanded": "Cyber Training Range - Single Team Training", - "description": "A cyber range provides an environment to practice network operation skills. It should represent real-world scenarios and offer isolation from other networks to contain malicious activity. In this training type, complex attacks take place in a simulated environment. The participants perform divers educational hands-on activities according to their role. In these trainings the roles that are not covered by participants are simulated or covered by the instructors. Trainings can be single team trainings." - }, - { - "value": "cyber-training-range-multiple-team-training", - "expanded": "Cyber Training Range - Multiple Team Training", - "description": "A cyber range provides an environment to practice network operation skills. It should represent real-world scenarios and offer isolation from other networks to contain malicious activity. In this training type, complex attacks take place in a simulated environment. The participants perform divers educational hands-on activities according to their role. In these trainings the roles that are not covered by participants are simulated or covered by the instructors. Trainings can be multiple team trainings." - }, - { - "value": "project-approach", - "expanded": "Project Approach", - "description": "In this type of training, hands-on projects are to be completed during the training. Thereby, the participants learn and understand the basic concepts of security. During the projects, the teachers can intervene and control the learning process." - } - ] - }, - { - "predicate": "scenario", - "entry": [ - { - "value": "supervised", - "expanded": "Supervision: Supervised", - "description": "Describes if the training is supervised. For instance, cyber range trainings are typically supervised." - }, - { - "value": "unsupervised", - "expanded": "Supervision: Unsupervised", - "description": "Describes if the training is unsupervised. For instance, jeopardy CTF are usually unsupervised." - }, - { - "value": "free-multiple-choice", - "expanded": "Style: Free-/Multiple Choice", - "description": "Decribes the challenges within the training as Free-/Multi Choice. (can be the case with CTFs)" - }, - { - "value": "problem-driven", - "expanded": "Style: Problem-Driven", - "description": "Describes the challenge within the training as Problem-driven. -" - }, - { - "value": "storyline-driven", - "expanded": "Style: Storyline-Driven", - "description": "Describes the challenge within the training as Storyline-driven." - }, - { - "value": "challenges-target-network", - "expended": "Challenges: Network Target", - "description": "The target in this challenge is network." - }, - { - "value": "challenges-target-host", - "expended": "Challenges: Host Target", - "description": "The target in this challenge is host." - }, - { - "value": "challenges-target-application", - "expended": "Challenges: Application Target", - "description": "The target in this challenge is application." - }, - { - "value": "challenges-target-protocol", - "expended": "Challenges: Protocol Target", - "description": "The target in this challenge is protocol." - }, - { - "value": "challenges-target-data", - "expended": "Challenges: Data Target", - "description": "The target in this challenge is data." - }, - { - "value": "challenges-target-person", - "expended": "Challenges: Person Target", - "description": "The target in this challenge is person." - }, - { - "value": "challenges-target-physical", - "expended": "Challenges: Physical Target", - "description": "The target in this challenge is physical." - }, - { - "value": "challenges-type-foot-printing", - "expended": "Challenges: Foot-printing Type", - "description": "Foot-printing is needed to solve this challenge." - }, - { - "value": "challenges-type-scanning", - "expended": "Challenges: Scanning Type", - "description": "Scanning is needed to solve this challenge." - }, - { - "value": "challenges-type-enumeration", - "expended": "Challenges: Enumeration Type", - "description": "Enumeration is needed to solve this challenge." - }, - { - "value": "challenges-type-pivoting", - "expended": "Challenges: Pivoting Type", - "description": "Pivoting is needed to solve this challenge." - }, - { - "value": "challenges-type-exploitation", - "expended": "Challenges: Exploitation Type", - "description": "Exploitation is needed to solve this challenge." - }, - { - "value": "challenges-type-privilege-escalation", - "expended": "Challenges: Privilege escalation Type", - "description": "Privilege escalation is needed to solve this challenge." - }, - { - "value": "challenges-type-covering-tracks", - "expended": "Challenges: Covering tracks Type", - "description": "Covering tracks is needed to solve this challenge." - }, - { - "value": "challenges-type-maintaining", - "expended": "Challenges: maintaining Type", - "description": "Maintaining access is needed to solve this challenge." - } - ] - } - ] -} diff --git a/interactive-cyber-training-training-setup/machinetag.json b/interactive-cyber-training-training-setup/machinetag.json index 920b5ca..e69de29 100644 --- a/interactive-cyber-training-training-setup/machinetag.json +++ b/interactive-cyber-training-training-setup/machinetag.json @@ -1,157 +0,0 @@ -{ - "namespace": "interactive-cyber-training-training-setup", - "description": "The training setup further describes the training itself with the scoring, roles, -the training mode as well as the customization level.", - "version": 1, - "refs": ["https://arxiv.org/abs/2101.05538"], - "expanded": "Interactive Cyber Training - Training Setup", - "predicates": [ - { - "value": "scoring", - "expanded": "Scoring", - "description": "Scoring is not only used in competition-oriented training like CTF but also to motivate participants, give feedback, track the progress. The scoring can be based, but is not limited to monitoring systems, defined objectives, or over-the-shoulder evaluation mechanisms." - }, - { - "value": "roles", - "expanded": "Roles", - "description": "Participants in a training are split in different teams, according to their skills, role and tasks." - }, - { - "value": "training-mode", - "expanded": "Training Mode", - "description": "Defines whether the training opposes singles persons, teams or groups." - }, - { - "value": "customization-level", - "expanded": "Customization Level", - "description": "Defines the level of customization of the training." - } - ], - "values": [ - { - "predicate": "scoring", - "entry": [ - { - "value": "no-scoring", - "expanded": "No Scoring", - "description": "The training have no type of scoring." - }, - { - "value": "assessment-static", - "expanded": "Assessment: Static", - "description": "The scoring in this variant relies on the static setting of different scores for tasks and objectives, possibly incluing a degree of difficulty as well." - }, - { - "value": "assessment-dynamic", - "expanded": "Assessment: Dynamic", - "description": "The scoring in this variant is set dynamically using mathematical functions or dynamic methods such as teh Elo Rating System." - }, - { - "value": "awarding-manual", - "expanded": "Awarding: Manual", - "description": "Awards are given manually." - }, - { - "value": "awarding-automatic", - "expanded": "Awarding: Automatic", - "description": "Awards are given automatically." - }, - { - "value": "awarding-mixed", - "expanded": "Awarding: Mixed", - "description": "Awards are given manually and/or automatically." - } - ] - }, - { - "predicate": "roles", - "entry": [ - { - "value": "no-specific-role", - "expanded": "No specific Role", - "description": "Individuals who do not fit into the defined teams can be assigned to this role." - }, - { - "value": "transparent-team-observer-watcher", - "expanded": "Transparent Team - Observer/Watcher", - "description": "Members of this team observe the training. Usually, these people have a defined purpose, but have no influence on the training itself. Possible purposes are learning about the training topic and roles, studying strategies of participants, or supervising employees." - }, - { - "value": "white-team-trainer-instructor", - "expanded": "White Team - Trainer/Instructor", - "description": "This team consists of instructors, referees, organizers, and training managers. They design the training scenario including objectives, rules, background story, and tasks. During the training, this team controls the progress and assigns tasks to the teams. These so-called injects also include simulated media, operation coordination, or law enforcement agencies. Giving hints for the training teams could also be part of this team." - }, - { - "value": "green-team-organizer-admin", - "expanded": "Green Team - Organizer/Admin", - "description": "The operators that are responsible for the exercise infrastructure build this team. Before a training, this team sets up and configures the environment and takes it down afterwards. During a training, it also monitors the environments health and handles problems that may arise." - }, - { - "value": "red-team-attacker", - "expanded": "Red Team - Attacker", - "description": "This team consists of people authorized and organized to model security adversaries. They are responsible to identify and exploit potential vulnerabilities present in the training environment. Depending on the training environment, the tasks can follow a predefined attack path." - }, - { - "value": "blue-team-defender", - "expanded": "Blue Team - Defender", - "description": "The group of individuals that is responsible for defending the training environment. They deal with the red team’s attacks and secure the compromised networks. Guidelines for that team are the training rules and local cyber law." - }, - { - "value": "gray-team-bystander", - "expanded": "Gray Team - Bystander", - "description": "Bystanders of a training form this team. They do not necessarily have a specific intention or purpose, but an interest in the training event itself. It is also possible that this team interacts with participants and thereby unintentionally influences the training." - }, - { - "value": "yellow-team-insider", - "expanded": "Yellow Team - Insider", - "description": "Members of this team perform not only tasks like generating legitimate network traffic and user behavior but also perform erroneous actions that lead to vulnerabilities and attacks. This team can also include the regular system builders, like programmers, developers, and software engineers and architects." - }, - { - "value": "purple-team-bridge", - "expanded": "Purple Team - Bridge", - "description": "In a training, this team is a bridge between red and blue teams that helps to improve the performance of both. Through joint red-blue activities it improves the scope of the training participants. Goals are to maximize the Blue Teams capability and the effectiveness of Red Teams activities." - } - ] - }, - { - "predicate": "training-mode", - "entry": [ - { - "value": "single", - "expanded": "Single", - "description": "A single player plays against others. Others can be real persons, butalso scripted opponents." - }, - { - "value": "team", - "expanded": "Team", - "description": "A team plays against others. In this alignments, each player can bring its expertise into the training, focussing on different aspects. Examples are Blue and Red Teams." - }, - { - "value": "cross-group", - "expanded": "Cross-Group", - "description": "A group plays against others. In this setting, the group members might not know each other. Example are CTF competitions and training for the entire organization in a breach scenario." - } - ] - }, - { - "predicate": "customization-level", - "entry": [ - { - "value": "general", - "expanded": "General", - "description": "A general purpose training setup is not, or only little customized. This variant is suited for an entry level training or to learn about general processes without regard to the underlying setup." - }, - { - "value": "specific", - "expanded": "Specific", - "description": "The training setup can be customized for a specific training goal or target audience. Examples for this variant are specific trainings within the High School education or for the health sector." - }, - { - "value": "individual", - "expanded": "Individual", - "description": "The most tailored variant is an individual customization. Hereby, the training setup corresponds to a real environment in the best possible way. Exemplary uses of this variant are the training of teams in their environment or the training of new expert-level employees." - } - ] - } - ] -} From d7a6208fbc5f23b8747fddf6c07124b48ad6b289 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Wed, 15 Sep 2021 13:44:11 +0200 Subject: [PATCH 02/11] chg: [clean] remove unused directory --- interactive-cyber-training-training-environment/machinetag.json | 0 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 interactive-cyber-training-training-environment/machinetag.json diff --git a/interactive-cyber-training-training-environment/machinetag.json b/interactive-cyber-training-training-environment/machinetag.json deleted file mode 100644 index e69de29..0000000 From 4f1611609954d4f1d4bcbfcbfd197da7543c2461 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Wed, 15 Sep 2021 13:45:12 +0200 Subject: [PATCH 03/11] chg: [interactive-cyber] remove unused directory --- interactive-cyber-training-training-setup/machinetag.json | 0 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 interactive-cyber-training-training-setup/machinetag.json diff --git a/interactive-cyber-training-training-setup/machinetag.json b/interactive-cyber-training-training-setup/machinetag.json deleted file mode 100644 index e69de29..0000000 From 327b8924617a8d7c68561f3be94c55ffcbfc7f91 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Wed, 15 Sep 2021 13:45:38 +0200 Subject: [PATCH 04/11] new: [manifest] updated --- MANIFEST.json | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/MANIFEST.json b/MANIFEST.json index c08cba9..b177fd1 100644 --- a/MANIFEST.json +++ b/MANIFEST.json @@ -151,7 +151,7 @@ { "description": "Criminal motivation on the dark web: A categorisation model for law enforcement. ref: Janis Dalins, Campbell Wilson, Mark Carman. Taxonomy updated by MISP Project", "name": "dark-web", - "version": 3 + "version": 4 }, { "description": "Data classification for data potentially at risk of exfiltration based on table 2.1 of Solving Cyber Risk book.", @@ -378,6 +378,16 @@ "name": "information-security-indicators", "version": 1 }, + { + "description": "Describes the target of cyber training and education.", + "name": "interactive-cyber-training-audience", + "version": 1 + }, + { + "description": "The technical setup consists of environment structure, deployment, and orchestration.", + "name": "interactive-cyber-training-technical-setup", + "version": 1 + }, { "description": "The interception method used to intercept traffic.", "name": "interception-method", @@ -491,7 +501,7 @@ { "description": "Taxonomy to classify phishing attacks including techniques, collection mechanisms and analysis status.", "name": "phishing", - "version": 4 + "version": 5 }, { "description": "After an incident is scored, it is assigned a priority level. The six levels listed below are aligned with NCCIC, DHS, and the CISS to help provide a common lexicon when discussing incidents. This priority assignment drives NCCIC urgency, pre-approved incident response offerings, reporting requirements, and recommendations for leadership escalation. Generally, incident priority distribution should follow a similar pattern to the graph below. Based on https://www.us-cert.gov/NCCIC-Cyber-Incident-Scoring-System.", @@ -511,7 +521,7 @@ { "description": "Reference Security Incident Classification Taxonomy", "name": "rsit", - "version": 1002 + "version": 1003 }, { "description": "Status of events used in Request Tracker.", @@ -620,5 +630,5 @@ } ], "url": "https://raw.githubusercontent.com/MISP/misp-taxonomies/main/", - "version": "20210621" + "version": "20210915" } From 32e5315e49689963502548ff5583a27c742d6d74 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Mon, 20 Sep 2021 09:28:15 +0200 Subject: [PATCH 05/11] new: [interactive-cyber-training-environment] added missing taxo --- .../machinetag.json | 193 ++++++++++++++++++ 1 file changed, 193 insertions(+) create mode 100644 interactive-cyber-training-environment/machinetag.json diff --git a/interactive-cyber-training-environment/machinetag.json b/interactive-cyber-training-environment/machinetag.json new file mode 100644 index 0000000..5cb9340 --- /dev/null +++ b/interactive-cyber-training-environment/machinetag.json @@ -0,0 +1,193 @@ +{ + "namespace": "interactive-cyber-training-training-environment", + "description": "The training environment details the environment around the training, consisting of training type and scenario.", + "version": 1, + "refs": [ + "https://arxiv.org/abs/2101.05538" + ], + "expanded": "Interactive Cyber Training - Training Environment", + "predicates": [ + { + "value": "training-type", + "expanded": "Training Type", + "description": "Education in cybersecurity follows different approaches. The level of interaction and hands-on experience distinguishes different types of training." + }, + { + "value": "scenario", + "expanded": "Scenario", + "description": "The scenario is a main component of cybersecurity training. Scenarios are needed to reach the goal of the training." + } + ], + "values": [ + { + "predicate": "training-type", + "entry": [ + { + "value": "tabletop-game-speech", + "expanded": "Tabletop Game - Speech", + "description": "Table Top training -here based on speech-only- are a lightweight, but intellectually intense exercise. In this setting, the involved teams or participants focus on opposing missions. On a theoretical basis, the teams develop different strategies and countermeasures to explore the offensive cyber effects on operations." + }, + { + "value": "tabletop-game-text", + "expanded": "Tabletop Game - text", + "description": "Table Top training -here based on text-only- are a lightweight, but intellectually intense exercise. In this setting, the involved teams or participants focus on opposing missions. On a theoretical basis, the teams develop different strategies and countermeasures to explore the offensive cyber effects on operations." + }, + { + "value": "tabletop-game-multimedia", + "expanded": "Tabletop Game - Multimedia", + "description": "Table Top training -here based on multimedia- are a lightweight, but intellectually intense exercise. In this setting, the involved teams or participants focus on opposing missions. On a theoretical basis, the teams develop different strategies and countermeasures to explore the offensive cyber effects on operations." + }, + { + "value": "capture-the-flag-quiz", + "expanded": "Capture the Flag - Quiz", + "description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as a quiz." + }, + { + "value": "capture-the-flag-jeopardy", + "expanded": "Capture the Flag - Jeopardy", + "description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as jeopardy." + }, + { + "value": "capture-the-flag-attack", + "expanded": "Capture the Flag - Attack", + "description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as an attack-only scenario." + }, + { + "value": "capture-the-flag-defence", + "expanded": "Capture the Flag - Defence", + "description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as an defence-only scenario." + }, + { + "value": "capture-the-flag-attack-defence", + "expanded": "Capture the Flag - Attack-Defence", + "description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as an attack-defence scenario." + }, + { + "value": "cyber-training-range-classroom-practice", + "expanded": "Cyber Training Range - Classroom Practice", + "description": "A cyber range provides an environment to practice network operation skills. It should represent real-world scenarios and offer isolation from other networks to contain malicious activity. In this training type, complex attacks take place in a simulated environment. The participants perform divers educational hands-on activities according to their role. In these trainings the roles that are not covered by participants are simulated or covered by the instructors. Trainings can be classroom practice." + }, + { + "value": "cyber-training-range-single-team-training", + "expanded": "Cyber Training Range - Single Team Training", + "description": "A cyber range provides an environment to practice network operation skills. It should represent real-world scenarios and offer isolation from other networks to contain malicious activity. In this training type, complex attacks take place in a simulated environment. The participants perform divers educational hands-on activities according to their role. In these trainings the roles that are not covered by participants are simulated or covered by the instructors. Trainings can be single team trainings." + }, + { + "value": "cyber-training-range-multiple-team-training", + "expanded": "Cyber Training Range - Multiple Team Training", + "description": "A cyber range provides an environment to practice network operation skills. It should represent real-world scenarios and offer isolation from other networks to contain malicious activity. In this training type, complex attacks take place in a simulated environment. The participants perform divers educational hands-on activities according to their role. In these trainings the roles that are not covered by participants are simulated or covered by the instructors. Trainings can be multiple team trainings." + }, + { + "value": "project-approach", + "expanded": "Project Approach", + "description": "In this type of training, hands-on projects are to be completed during the training. Thereby, the participants learn and understand the basic concepts of security. During the projects, the teachers can intervene and control the learning process." + } + ] + }, + { + "predicate": "scenario", + "entry": [ + { + "value": "supervised", + "expanded": "Supervision: Supervised", + "description": "Describes if the training is supervised. For instance, cyber range trainings are typically supervised." + }, + { + "value": "unsupervised", + "expanded": "Supervision: Unsupervised", + "description": "Describes if the training is unsupervised. For instance, jeopardy CTF are usually unsupervised." + }, + { + "value": "free-multiple-choice", + "expanded": "Style: Free-/Multiple Choice", + "description": "Decribes the challenges within the training as Free-/Multi Choice. (can be the case with CTFs)" + }, + { + "value": "problem-driven", + "expanded": "Style: Problem-Driven", + "description": "Describes the challenge within the training as Problem-driven." + }, + { + "value": "storyline-driven", + "expanded": "Style: Storyline-Driven", + "description": "Describes the challenge within the training as Storyline-driven." + }, + { + "value": "challenges-target-network", + "expended": "Challenges: Network Target", + "description": "The target in this challenge is network." + }, + { + "value": "challenges-target-host", + "expended": "Challenges: Host Target", + "description": "The target in this challenge is host." + }, + { + "value": "challenges-target-application", + "expended": "Challenges: Application Target", + "description": "The target in this challenge is application." + }, + { + "value": "challenges-target-protocol", + "expended": "Challenges: Protocol Target", + "description": "The target in this challenge is protocol." + }, + { + "value": "challenges-target-data", + "expended": "Challenges: Data Target", + "description": "The target in this challenge is data." + }, + { + "value": "challenges-target-person", + "expended": "Challenges: Person Target", + "description": "The target in this challenge is person." + }, + { + "value": "challenges-target-physical", + "expended": "Challenges: Physical Target", + "description": "The target in this challenge is physical." + }, + { + "value": "challenges-type-foot-printing", + "expended": "Challenges: Foot-printing Type", + "description": "Foot-printing is needed to solve this challenge." + }, + { + "value": "challenges-type-scanning", + "expended": "Challenges: Scanning Type", + "description": "Scanning is needed to solve this challenge." + }, + { + "value": "challenges-type-enumeration", + "expended": "Challenges: Enumeration Type", + "description": "Enumeration is needed to solve this challenge." + }, + { + "value": "challenges-type-pivoting", + "expended": "Challenges: Pivoting Type", + "description": "Pivoting is needed to solve this challenge." + }, + { + "value": "challenges-type-exploitation", + "expended": "Challenges: Exploitation Type", + "description": "Exploitation is needed to solve this challenge." + }, + { + "value": "challenges-type-privilege-escalation", + "expended": "Challenges: Privilege escalation Type", + "description": "Privilege escalation is needed to solve this challenge." + }, + { + "value": "challenges-type-covering-tracks", + "expended": "Challenges: Covering tracks Type", + "description": "Covering tracks is needed to solve this challenge." + }, + { + "value": "challenges-type-maintaining", + "expended": "Challenges: maintaining Type", + "description": "Maintaining access is needed to solve this challenge." + } + ] + } + ] +} From 17564007b0d917694641e2d7f5d47ac895a47f55 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Mon, 20 Sep 2021 09:31:04 +0200 Subject: [PATCH 06/11] new: [interactive-cyber-training-training-setup] added missing taxonomies --- .../machinetag.json | 158 ++++++++++++++++++ 1 file changed, 158 insertions(+) create mode 100644 interactive-cyber-training-training-setup/machinetag.json diff --git a/interactive-cyber-training-training-setup/machinetag.json b/interactive-cyber-training-training-setup/machinetag.json new file mode 100644 index 0000000..ef27e56 --- /dev/null +++ b/interactive-cyber-training-training-setup/machinetag.json @@ -0,0 +1,158 @@ +{ + "namespace": "interactive-cyber-training-training-setup", + "description": "The training setup further describes the training itself with the scoring, roles, the training mode as well as the customization level.", + "version": 1, + "refs": [ + "https://arxiv.org/abs/2101.05538" + ], + "expanded": "Interactive Cyber Training - Training Setup", + "predicates": [ + { + "value": "scoring", + "expanded": "Scoring", + "description": "Scoring is not only used in competition-oriented training like CTF but also to motivate participants, give feedback, track the progress. The scoring can be based, but is not limited to monitoring systems, defined objectives, or over-the-shoulder evaluation mechanisms." + }, + { + "value": "roles", + "expanded": "Roles", + "description": "Participants in a training are split in different teams, according to their skills, role and tasks." + }, + { + "value": "training-mode", + "expanded": "Training Mode", + "description": "Defines whether the training opposes singles persons, teams or groups." + }, + { + "value": "customization-level", + "expanded": "Customization Level", + "description": "Defines the level of customization of the training." + } + ], + "values": [ + { + "predicate": "scoring", + "entry": [ + { + "value": "no-scoring", + "expanded": "No Scoring", + "description": "The training have no type of scoring." + }, + { + "value": "assessment-static", + "expanded": "Assessment: Static", + "description": "The scoring in this variant relies on the static setting of different scores for tasks and objectives, possibly incluing a degree of difficulty as well." + }, + { + "value": "assessment-dynamic", + "expanded": "Assessment: Dynamic", + "description": "The scoring in this variant is set dynamically using mathematical functions or dynamic methods such as teh Elo Rating System." + }, + { + "value": "awarding-manual", + "expanded": "Awarding: Manual", + "description": "Awards are given manually." + }, + { + "value": "awarding-automatic", + "expanded": "Awarding: Automatic", + "description": "Awards are given automatically." + }, + { + "value": "awarding-mixed", + "expanded": "Awarding: Mixed", + "description": "Awards are given manually and/or automatically." + } + ] + }, + { + "predicate": "roles", + "entry": [ + { + "value": "no-specific-role", + "expanded": "No specific Role", + "description": "Individuals who do not fit into the defined teams can be assigned to this role." + }, + { + "value": "transparent-team-observer-watcher", + "expanded": "Transparent Team - Observer/Watcher", + "description": "Members of this team observe the training. Usually, these people have a defined purpose, but have no influence on the training itself. Possible purposes are learning about the training topic and roles, studying strategies of participants, or supervising employees." + }, + { + "value": "white-team-trainer-instructor", + "expanded": "White Team - Trainer/Instructor", + "description": "This team consists of instructors, referees, organizers, and training managers. They design the training scenario including objectives, rules, background story, and tasks. During the training, this team controls the progress and assigns tasks to the teams. These so-called injects also include simulated media, operation coordination, or law enforcement agencies. Giving hints for the training teams could also be part of this team." + }, + { + "value": "green-team-organizer-admin", + "expanded": "Green Team - Organizer/Admin", + "description": "The operators that are responsible for the exercise infrastructure build this team. Before a training, this team sets up and configures the environment and takes it down afterwards. During a training, it also monitors the environments health and handles problems that may arise." + }, + { + "value": "red-team-attacker", + "expanded": "Red Team - Attacker", + "description": "This team consists of people authorized and organized to model security adversaries. They are responsible to identify and exploit potential vulnerabilities present in the training environment. Depending on the training environment, the tasks can follow a predefined attack path." + }, + { + "value": "blue-team-defender", + "expanded": "Blue Team - Defender", + "description": "The group of individuals that is responsible for defending the training environment. They deal with the red team’s attacks and secure the compromised networks. Guidelines for that team are the training rules and local cyber law." + }, + { + "value": "gray-team-bystander", + "expanded": "Gray Team - Bystander", + "description": "Bystanders of a training form this team. They do not necessarily have a specific intention or purpose, but an interest in the training event itself. It is also possible that this team interacts with participants and thereby unintentionally influences the training." + }, + { + "value": "yellow-team-insider", + "expanded": "Yellow Team - Insider", + "description": "Members of this team perform not only tasks like generating legitimate network traffic and user behavior but also perform erroneous actions that lead to vulnerabilities and attacks. This team can also include the regular system builders, like programmers, developers, and software engineers and architects." + }, + { + "value": "purple-team-bridge", + "expanded": "Purple Team - Bridge", + "description": "In a training, this team is a bridge between red and blue teams that helps to improve the performance of both. Through joint red-blue activities it improves the scope of the training participants. Goals are to maximize the Blue Teams capability and the effectiveness of Red Teams activities." + } + ] + }, + { + "predicate": "training-mode", + "entry": [ + { + "value": "single", + "expanded": "Single", + "description": "A single player plays against others. Others can be real persons, butalso scripted opponents." + }, + { + "value": "team", + "expanded": "Team", + "description": "A team plays against others. In this alignments, each player can bring its expertise into the training, focussing on different aspects. Examples are Blue and Red Teams." + }, + { + "value": "cross-group", + "expanded": "Cross-Group", + "description": "A group plays against others. In this setting, the group members might not know each other. Example are CTF competitions and training for the entire organization in a breach scenario." + } + ] + }, + { + "predicate": "customization-level", + "entry": [ + { + "value": "general", + "expanded": "General", + "description": "A general purpose training setup is not, or only little customized. This variant is suited for an entry level training or to learn about general processes without regard to the underlying setup." + }, + { + "value": "specific", + "expanded": "Specific", + "description": "The training setup can be customized for a specific training goal or target audience. Examples for this variant are specific trainings within the High School education or for the health sector." + }, + { + "value": "individual", + "expanded": "Individual", + "description": "The most tailored variant is an individual customization. Hereby, the training setup corresponds to a real environment in the best possible way. Exemplary uses of this variant are the training of teams in their environment or the training of new expert-level employees." + } + ] + } + ] +} From d56b66107193a2fe64634f188efac9681cd92a3a Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Mon, 20 Sep 2021 09:31:36 +0200 Subject: [PATCH 07/11] chg: [MANIFEST] updated --- MANIFEST.json | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/MANIFEST.json b/MANIFEST.json index b177fd1..3663c0b 100644 --- a/MANIFEST.json +++ b/MANIFEST.json @@ -383,11 +383,21 @@ "name": "interactive-cyber-training-audience", "version": 1 }, + { + "description": "The training environment details the environment around the training, consisting of training type and scenario.", + "name": "interactive-cyber-training-training-environment", + "version": 1 + }, { "description": "The technical setup consists of environment structure, deployment, and orchestration.", "name": "interactive-cyber-training-technical-setup", "version": 1 }, + { + "description": "The training setup further describes the training itself with the scoring, roles, the training mode as well as the customization level.", + "name": "interactive-cyber-training-training-setup", + "version": 1 + }, { "description": "The interception method used to intercept traffic.", "name": "interception-method", @@ -630,5 +640,5 @@ } ], "url": "https://raw.githubusercontent.com/MISP/misp-taxonomies/main/", - "version": "20210915" + "version": "20210920" } From 349da7d7ad30e5ae3c2c357f1a0a0691b017af36 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Mon, 20 Sep 2021 09:34:41 +0200 Subject: [PATCH 08/11] fix: [typo] fixed --- .../machinetag.json | 30 +++++++++---------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/interactive-cyber-training-environment/machinetag.json b/interactive-cyber-training-environment/machinetag.json index 5cb9340..cb55577 100644 --- a/interactive-cyber-training-environment/machinetag.json +++ b/interactive-cyber-training-environment/machinetag.json @@ -114,77 +114,77 @@ }, { "value": "challenges-target-network", - "expended": "Challenges: Network Target", + "expanded": "Challenges: Network Target", "description": "The target in this challenge is network." }, { "value": "challenges-target-host", - "expended": "Challenges: Host Target", + "expanded": "Challenges: Host Target", "description": "The target in this challenge is host." }, { "value": "challenges-target-application", - "expended": "Challenges: Application Target", + "expanded": "Challenges: Application Target", "description": "The target in this challenge is application." }, { "value": "challenges-target-protocol", - "expended": "Challenges: Protocol Target", + "expanded": "Challenges: Protocol Target", "description": "The target in this challenge is protocol." }, { "value": "challenges-target-data", - "expended": "Challenges: Data Target", + "expanded": "Challenges: Data Target", "description": "The target in this challenge is data." }, { "value": "challenges-target-person", - "expended": "Challenges: Person Target", + "expanded": "Challenges: Person Target", "description": "The target in this challenge is person." }, { "value": "challenges-target-physical", - "expended": "Challenges: Physical Target", + "expanded": "Challenges: Physical Target", "description": "The target in this challenge is physical." }, { "value": "challenges-type-foot-printing", - "expended": "Challenges: Foot-printing Type", + "expanded": "Challenges: Foot-printing Type", "description": "Foot-printing is needed to solve this challenge." }, { "value": "challenges-type-scanning", - "expended": "Challenges: Scanning Type", + "expanded": "Challenges: Scanning Type", "description": "Scanning is needed to solve this challenge." }, { "value": "challenges-type-enumeration", - "expended": "Challenges: Enumeration Type", + "expanded": "Challenges: Enumeration Type", "description": "Enumeration is needed to solve this challenge." }, { "value": "challenges-type-pivoting", - "expended": "Challenges: Pivoting Type", + "expanded": "Challenges: Pivoting Type", "description": "Pivoting is needed to solve this challenge." }, { "value": "challenges-type-exploitation", - "expended": "Challenges: Exploitation Type", + "expanded": "Challenges: Exploitation Type", "description": "Exploitation is needed to solve this challenge." }, { "value": "challenges-type-privilege-escalation", - "expended": "Challenges: Privilege escalation Type", + "expanded": "Challenges: Privilege escalation Type", "description": "Privilege escalation is needed to solve this challenge." }, { "value": "challenges-type-covering-tracks", - "expended": "Challenges: Covering tracks Type", + "expanded": "Challenges: Covering tracks Type", "description": "Covering tracks is needed to solve this challenge." }, { "value": "challenges-type-maintaining", - "expended": "Challenges: maintaining Type", + "expanded": "Challenges: maintaining Type", "description": "Maintaining access is needed to solve this challenge." } ] From 62d2626c5c5628c0500b976dd00b62fb10b91bd8 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Mon, 20 Sep 2021 09:37:56 +0200 Subject: [PATCH 09/11] mv: [training-training-env] updated --- .../machinetag.json | 193 ++++++++++++++++++ 1 file changed, 193 insertions(+) create mode 100644 interactive-cyber-training-training-environment/machinetag.json diff --git a/interactive-cyber-training-training-environment/machinetag.json b/interactive-cyber-training-training-environment/machinetag.json new file mode 100644 index 0000000..cb55577 --- /dev/null +++ b/interactive-cyber-training-training-environment/machinetag.json @@ -0,0 +1,193 @@ +{ + "namespace": "interactive-cyber-training-training-environment", + "description": "The training environment details the environment around the training, consisting of training type and scenario.", + "version": 1, + "refs": [ + "https://arxiv.org/abs/2101.05538" + ], + "expanded": "Interactive Cyber Training - Training Environment", + "predicates": [ + { + "value": "training-type", + "expanded": "Training Type", + "description": "Education in cybersecurity follows different approaches. The level of interaction and hands-on experience distinguishes different types of training." + }, + { + "value": "scenario", + "expanded": "Scenario", + "description": "The scenario is a main component of cybersecurity training. Scenarios are needed to reach the goal of the training." + } + ], + "values": [ + { + "predicate": "training-type", + "entry": [ + { + "value": "tabletop-game-speech", + "expanded": "Tabletop Game - Speech", + "description": "Table Top training -here based on speech-only- are a lightweight, but intellectually intense exercise. In this setting, the involved teams or participants focus on opposing missions. On a theoretical basis, the teams develop different strategies and countermeasures to explore the offensive cyber effects on operations." + }, + { + "value": "tabletop-game-text", + "expanded": "Tabletop Game - text", + "description": "Table Top training -here based on text-only- are a lightweight, but intellectually intense exercise. In this setting, the involved teams or participants focus on opposing missions. On a theoretical basis, the teams develop different strategies and countermeasures to explore the offensive cyber effects on operations." + }, + { + "value": "tabletop-game-multimedia", + "expanded": "Tabletop Game - Multimedia", + "description": "Table Top training -here based on multimedia- are a lightweight, but intellectually intense exercise. In this setting, the involved teams or participants focus on opposing missions. On a theoretical basis, the teams develop different strategies and countermeasures to explore the offensive cyber effects on operations." + }, + { + "value": "capture-the-flag-quiz", + "expanded": "Capture the Flag - Quiz", + "description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as a quiz." + }, + { + "value": "capture-the-flag-jeopardy", + "expanded": "Capture the Flag - Jeopardy", + "description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as jeopardy." + }, + { + "value": "capture-the-flag-attack", + "expanded": "Capture the Flag - Attack", + "description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as an attack-only scenario." + }, + { + "value": "capture-the-flag-defence", + "expanded": "Capture the Flag - Defence", + "description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as an defence-only scenario." + }, + { + "value": "capture-the-flag-attack-defence", + "expanded": "Capture the Flag - Attack-Defence", + "description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as an attack-defence scenario." + }, + { + "value": "cyber-training-range-classroom-practice", + "expanded": "Cyber Training Range - Classroom Practice", + "description": "A cyber range provides an environment to practice network operation skills. It should represent real-world scenarios and offer isolation from other networks to contain malicious activity. In this training type, complex attacks take place in a simulated environment. The participants perform divers educational hands-on activities according to their role. In these trainings the roles that are not covered by participants are simulated or covered by the instructors. Trainings can be classroom practice." + }, + { + "value": "cyber-training-range-single-team-training", + "expanded": "Cyber Training Range - Single Team Training", + "description": "A cyber range provides an environment to practice network operation skills. It should represent real-world scenarios and offer isolation from other networks to contain malicious activity. In this training type, complex attacks take place in a simulated environment. The participants perform divers educational hands-on activities according to their role. In these trainings the roles that are not covered by participants are simulated or covered by the instructors. Trainings can be single team trainings." + }, + { + "value": "cyber-training-range-multiple-team-training", + "expanded": "Cyber Training Range - Multiple Team Training", + "description": "A cyber range provides an environment to practice network operation skills. It should represent real-world scenarios and offer isolation from other networks to contain malicious activity. In this training type, complex attacks take place in a simulated environment. The participants perform divers educational hands-on activities according to their role. In these trainings the roles that are not covered by participants are simulated or covered by the instructors. Trainings can be multiple team trainings." + }, + { + "value": "project-approach", + "expanded": "Project Approach", + "description": "In this type of training, hands-on projects are to be completed during the training. Thereby, the participants learn and understand the basic concepts of security. During the projects, the teachers can intervene and control the learning process." + } + ] + }, + { + "predicate": "scenario", + "entry": [ + { + "value": "supervised", + "expanded": "Supervision: Supervised", + "description": "Describes if the training is supervised. For instance, cyber range trainings are typically supervised." + }, + { + "value": "unsupervised", + "expanded": "Supervision: Unsupervised", + "description": "Describes if the training is unsupervised. For instance, jeopardy CTF are usually unsupervised." + }, + { + "value": "free-multiple-choice", + "expanded": "Style: Free-/Multiple Choice", + "description": "Decribes the challenges within the training as Free-/Multi Choice. (can be the case with CTFs)" + }, + { + "value": "problem-driven", + "expanded": "Style: Problem-Driven", + "description": "Describes the challenge within the training as Problem-driven." + }, + { + "value": "storyline-driven", + "expanded": "Style: Storyline-Driven", + "description": "Describes the challenge within the training as Storyline-driven." + }, + { + "value": "challenges-target-network", + "expanded": "Challenges: Network Target", + "description": "The target in this challenge is network." + }, + { + "value": "challenges-target-host", + "expanded": "Challenges: Host Target", + "description": "The target in this challenge is host." + }, + { + "value": "challenges-target-application", + "expanded": "Challenges: Application Target", + "description": "The target in this challenge is application." + }, + { + "value": "challenges-target-protocol", + "expanded": "Challenges: Protocol Target", + "description": "The target in this challenge is protocol." + }, + { + "value": "challenges-target-data", + "expanded": "Challenges: Data Target", + "description": "The target in this challenge is data." + }, + { + "value": "challenges-target-person", + "expanded": "Challenges: Person Target", + "description": "The target in this challenge is person." + }, + { + "value": "challenges-target-physical", + "expanded": "Challenges: Physical Target", + "description": "The target in this challenge is physical." + }, + { + "value": "challenges-type-foot-printing", + "expanded": "Challenges: Foot-printing Type", + "description": "Foot-printing is needed to solve this challenge." + }, + { + "value": "challenges-type-scanning", + "expanded": "Challenges: Scanning Type", + "description": "Scanning is needed to solve this challenge." + }, + { + "value": "challenges-type-enumeration", + "expanded": "Challenges: Enumeration Type", + "description": "Enumeration is needed to solve this challenge." + }, + { + "value": "challenges-type-pivoting", + "expanded": "Challenges: Pivoting Type", + "description": "Pivoting is needed to solve this challenge." + }, + { + "value": "challenges-type-exploitation", + "expanded": "Challenges: Exploitation Type", + "description": "Exploitation is needed to solve this challenge." + }, + { + "value": "challenges-type-privilege-escalation", + "expanded": "Challenges: Privilege escalation Type", + "description": "Privilege escalation is needed to solve this challenge." + }, + { + "value": "challenges-type-covering-tracks", + "expanded": "Challenges: Covering tracks Type", + "description": "Covering tracks is needed to solve this challenge." + }, + { + "value": "challenges-type-maintaining", + "expanded": "Challenges: maintaining Type", + "description": "Maintaining access is needed to solve this challenge." + } + ] + } + ] +} From 615f4b59a72dd10f616af4a9db9de6f0b24c63a5 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Mon, 20 Sep 2021 09:38:20 +0200 Subject: [PATCH 10/11] chg: [MANIFEST] updated --- MANIFEST.json | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/MANIFEST.json b/MANIFEST.json index 3663c0b..8169ccf 100644 --- a/MANIFEST.json +++ b/MANIFEST.json @@ -384,13 +384,13 @@ "version": 1 }, { - "description": "The training environment details the environment around the training, consisting of training type and scenario.", - "name": "interactive-cyber-training-training-environment", + "description": "The technical setup consists of environment structure, deployment, and orchestration.", + "name": "interactive-cyber-training-technical-setup", "version": 1 }, { - "description": "The technical setup consists of environment structure, deployment, and orchestration.", - "name": "interactive-cyber-training-technical-setup", + "description": "The training environment details the environment around the training, consisting of training type and scenario.", + "name": "interactive-cyber-training-training-environment", "version": 1 }, { From 9198e5f022dcad03ecdae7cc72689176a1590f52 Mon Sep 17 00:00:00 2001 From: Alexandre Dulaunoy Date: Mon, 20 Sep 2021 09:43:13 +0200 Subject: [PATCH 11/11] Delete interactive-cyber-training-environment directory Fix --- .../machinetag.json | 193 ------------------ 1 file changed, 193 deletions(-) delete mode 100644 interactive-cyber-training-environment/machinetag.json diff --git a/interactive-cyber-training-environment/machinetag.json b/interactive-cyber-training-environment/machinetag.json deleted file mode 100644 index cb55577..0000000 --- a/interactive-cyber-training-environment/machinetag.json +++ /dev/null @@ -1,193 +0,0 @@ -{ - "namespace": "interactive-cyber-training-training-environment", - "description": "The training environment details the environment around the training, consisting of training type and scenario.", - "version": 1, - "refs": [ - "https://arxiv.org/abs/2101.05538" - ], - "expanded": "Interactive Cyber Training - Training Environment", - "predicates": [ - { - "value": "training-type", - "expanded": "Training Type", - "description": "Education in cybersecurity follows different approaches. The level of interaction and hands-on experience distinguishes different types of training." - }, - { - "value": "scenario", - "expanded": "Scenario", - "description": "The scenario is a main component of cybersecurity training. Scenarios are needed to reach the goal of the training." - } - ], - "values": [ - { - "predicate": "training-type", - "entry": [ - { - "value": "tabletop-game-speech", - "expanded": "Tabletop Game - Speech", - "description": "Table Top training -here based on speech-only- are a lightweight, but intellectually intense exercise. In this setting, the involved teams or participants focus on opposing missions. On a theoretical basis, the teams develop different strategies and countermeasures to explore the offensive cyber effects on operations." - }, - { - "value": "tabletop-game-text", - "expanded": "Tabletop Game - text", - "description": "Table Top training -here based on text-only- are a lightweight, but intellectually intense exercise. In this setting, the involved teams or participants focus on opposing missions. On a theoretical basis, the teams develop different strategies and countermeasures to explore the offensive cyber effects on operations." - }, - { - "value": "tabletop-game-multimedia", - "expanded": "Tabletop Game - Multimedia", - "description": "Table Top training -here based on multimedia- are a lightweight, but intellectually intense exercise. In this setting, the involved teams or participants focus on opposing missions. On a theoretical basis, the teams develop different strategies and countermeasures to explore the offensive cyber effects on operations." - }, - { - "value": "capture-the-flag-quiz", - "expanded": "Capture the Flag - Quiz", - "description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as a quiz." - }, - { - "value": "capture-the-flag-jeopardy", - "expanded": "Capture the Flag - Jeopardy", - "description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as jeopardy." - }, - { - "value": "capture-the-flag-attack", - "expanded": "Capture the Flag - Attack", - "description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as an attack-only scenario." - }, - { - "value": "capture-the-flag-defence", - "expanded": "Capture the Flag - Defence", - "description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as an defence-only scenario." - }, - { - "value": "capture-the-flag-attack-defence", - "expanded": "Capture the Flag - Attack-Defence", - "description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as an attack-defence scenario." - }, - { - "value": "cyber-training-range-classroom-practice", - "expanded": "Cyber Training Range - Classroom Practice", - "description": "A cyber range provides an environment to practice network operation skills. It should represent real-world scenarios and offer isolation from other networks to contain malicious activity. In this training type, complex attacks take place in a simulated environment. The participants perform divers educational hands-on activities according to their role. In these trainings the roles that are not covered by participants are simulated or covered by the instructors. Trainings can be classroom practice." - }, - { - "value": "cyber-training-range-single-team-training", - "expanded": "Cyber Training Range - Single Team Training", - "description": "A cyber range provides an environment to practice network operation skills. It should represent real-world scenarios and offer isolation from other networks to contain malicious activity. In this training type, complex attacks take place in a simulated environment. The participants perform divers educational hands-on activities according to their role. In these trainings the roles that are not covered by participants are simulated or covered by the instructors. Trainings can be single team trainings." - }, - { - "value": "cyber-training-range-multiple-team-training", - "expanded": "Cyber Training Range - Multiple Team Training", - "description": "A cyber range provides an environment to practice network operation skills. It should represent real-world scenarios and offer isolation from other networks to contain malicious activity. In this training type, complex attacks take place in a simulated environment. The participants perform divers educational hands-on activities according to their role. In these trainings the roles that are not covered by participants are simulated or covered by the instructors. Trainings can be multiple team trainings." - }, - { - "value": "project-approach", - "expanded": "Project Approach", - "description": "In this type of training, hands-on projects are to be completed during the training. Thereby, the participants learn and understand the basic concepts of security. During the projects, the teachers can intervene and control the learning process." - } - ] - }, - { - "predicate": "scenario", - "entry": [ - { - "value": "supervised", - "expanded": "Supervision: Supervised", - "description": "Describes if the training is supervised. For instance, cyber range trainings are typically supervised." - }, - { - "value": "unsupervised", - "expanded": "Supervision: Unsupervised", - "description": "Describes if the training is unsupervised. For instance, jeopardy CTF are usually unsupervised." - }, - { - "value": "free-multiple-choice", - "expanded": "Style: Free-/Multiple Choice", - "description": "Decribes the challenges within the training as Free-/Multi Choice. (can be the case with CTFs)" - }, - { - "value": "problem-driven", - "expanded": "Style: Problem-Driven", - "description": "Describes the challenge within the training as Problem-driven." - }, - { - "value": "storyline-driven", - "expanded": "Style: Storyline-Driven", - "description": "Describes the challenge within the training as Storyline-driven." - }, - { - "value": "challenges-target-network", - "expanded": "Challenges: Network Target", - "description": "The target in this challenge is network." - }, - { - "value": "challenges-target-host", - "expanded": "Challenges: Host Target", - "description": "The target in this challenge is host." - }, - { - "value": "challenges-target-application", - "expanded": "Challenges: Application Target", - "description": "The target in this challenge is application." - }, - { - "value": "challenges-target-protocol", - "expanded": "Challenges: Protocol Target", - "description": "The target in this challenge is protocol." - }, - { - "value": "challenges-target-data", - "expanded": "Challenges: Data Target", - "description": "The target in this challenge is data." - }, - { - "value": "challenges-target-person", - "expanded": "Challenges: Person Target", - "description": "The target in this challenge is person." - }, - { - "value": "challenges-target-physical", - "expanded": "Challenges: Physical Target", - "description": "The target in this challenge is physical." - }, - { - "value": "challenges-type-foot-printing", - "expanded": "Challenges: Foot-printing Type", - "description": "Foot-printing is needed to solve this challenge." - }, - { - "value": "challenges-type-scanning", - "expanded": "Challenges: Scanning Type", - "description": "Scanning is needed to solve this challenge." - }, - { - "value": "challenges-type-enumeration", - "expanded": "Challenges: Enumeration Type", - "description": "Enumeration is needed to solve this challenge." - }, - { - "value": "challenges-type-pivoting", - "expanded": "Challenges: Pivoting Type", - "description": "Pivoting is needed to solve this challenge." - }, - { - "value": "challenges-type-exploitation", - "expanded": "Challenges: Exploitation Type", - "description": "Exploitation is needed to solve this challenge." - }, - { - "value": "challenges-type-privilege-escalation", - "expanded": "Challenges: Privilege escalation Type", - "description": "Privilege escalation is needed to solve this challenge." - }, - { - "value": "challenges-type-covering-tracks", - "expanded": "Challenges: Covering tracks Type", - "description": "Covering tracks is needed to solve this challenge." - }, - { - "value": "challenges-type-maintaining", - "expanded": "Challenges: maintaining Type", - "description": "Maintaining access is needed to solve this challenge." - } - ] - } - ] -}