pull/218/head
parent
9143d657db
commit
929b5cb429
|
@ -2,7 +2,9 @@
|
||||||
"namespace": "interactive-cyber-training-training-environment",
|
"namespace": "interactive-cyber-training-training-environment",
|
||||||
"description": "The training environment details the environment around the training, consisting of training type and scenario.",
|
"description": "The training environment details the environment around the training, consisting of training type and scenario.",
|
||||||
"version": 1,
|
"version": 1,
|
||||||
"refs": ["https://arxiv.org/abs/2101.05538"],
|
"refs": [
|
||||||
|
"https://arxiv.org/abs/2101.05538"
|
||||||
|
],
|
||||||
"expanded": "Interactive Cyber Training - Training Environment",
|
"expanded": "Interactive Cyber Training - Training Environment",
|
||||||
"predicates": [
|
"predicates": [
|
||||||
{
|
{
|
||||||
|
@ -14,179 +16,178 @@
|
||||||
"value": "scenario",
|
"value": "scenario",
|
||||||
"expanded": "Scenario",
|
"expanded": "Scenario",
|
||||||
"description": "The scenario is a main component of cybersecurity training. Scenarios are needed to reach the goal of the training."
|
"description": "The scenario is a main component of cybersecurity training. Scenarios are needed to reach the goal of the training."
|
||||||
}x
|
}
|
||||||
],
|
],
|
||||||
"values": [
|
"values": [
|
||||||
{
|
{
|
||||||
"predicate": "training-type",
|
"predicate": "training-type",
|
||||||
"entry": [
|
"entry": [
|
||||||
{
|
{
|
||||||
"value": "tabletop-game-speech",
|
"value": "tabletop-game-speech",
|
||||||
"expanded": "Tabletop Game - Speech",
|
"expanded": "Tabletop Game - Speech",
|
||||||
"description": "Table Top training -here based on speech-only- are a lightweight, but intellectually intense exercise. In this setting, the involved teams or participants focus on opposing missions. On a theoretical basis, the teams develop different strategies and countermeasures to explore the offensive cyber effects on operations."
|
"description": "Table Top training -here based on speech-only- are a lightweight, but intellectually intense exercise. In this setting, the involved teams or participants focus on opposing missions. On a theoretical basis, the teams develop different strategies and countermeasures to explore the offensive cyber effects on operations."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "tabletop-game-text",
|
"value": "tabletop-game-text",
|
||||||
"expanded": "Tabletop Game - text",
|
"expanded": "Tabletop Game - text",
|
||||||
"description": "Table Top training -here based on text-only- are a lightweight, but intellectually intense exercise. In this setting, the involved teams or participants focus on opposing missions. On a theoretical basis, the teams develop different strategies and countermeasures to explore the offensive cyber effects on operations."
|
"description": "Table Top training -here based on text-only- are a lightweight, but intellectually intense exercise. In this setting, the involved teams or participants focus on opposing missions. On a theoretical basis, the teams develop different strategies and countermeasures to explore the offensive cyber effects on operations."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "tabletop-game-multimedia",
|
"value": "tabletop-game-multimedia",
|
||||||
"expanded": "Tabletop Game - Multimedia",
|
"expanded": "Tabletop Game - Multimedia",
|
||||||
"description": "Table Top training -here based on multimedia- are a lightweight, but intellectually intense exercise. In this setting, the involved teams or participants focus on opposing missions. On a theoretical basis, the teams develop different strategies and countermeasures to explore the offensive cyber effects on operations."
|
"description": "Table Top training -here based on multimedia- are a lightweight, but intellectually intense exercise. In this setting, the involved teams or participants focus on opposing missions. On a theoretical basis, the teams develop different strategies and countermeasures to explore the offensive cyber effects on operations."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "capture-the-flag-quiz",
|
"value": "capture-the-flag-quiz",
|
||||||
"expanded": "Capture the Flag - Quiz",
|
"expanded": "Capture the Flag - Quiz",
|
||||||
"description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as a quiz."
|
"description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as a quiz."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "capture-the-flag-jeopardy",
|
"value": "capture-the-flag-jeopardy",
|
||||||
"expanded": "Capture the Flag - Jeopardy",
|
"expanded": "Capture the Flag - Jeopardy",
|
||||||
"description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as jeopardy."
|
"description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as jeopardy."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "capture-the-flag-attack",
|
"value": "capture-the-flag-attack",
|
||||||
"expanded": "Capture the Flag - Attack",
|
"expanded": "Capture the Flag - Attack",
|
||||||
"description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as an attack-only scenario."
|
"description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as an attack-only scenario."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "capture-the-flag-defence",
|
"value": "capture-the-flag-defence",
|
||||||
"expanded": "Capture the Flag - Defence",
|
"expanded": "Capture the Flag - Defence",
|
||||||
"description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as an defence-only scenario."
|
"description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as an defence-only scenario."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "capture-the-flag-attack-defence",
|
"value": "capture-the-flag-attack-defence",
|
||||||
"expanded": "Capture the Flag - Attack-Defence",
|
"expanded": "Capture the Flag - Attack-Defence",
|
||||||
"description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as an attack-defence scenario."
|
"description": "Capture the Flag (CTF) is a well-known cybersecurity contest in which participants compete in real-time, which can exists as an attack-defence scenario."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "cyber-training-range-classroom-practice",
|
"value": "cyber-training-range-classroom-practice",
|
||||||
"expanded": "Cyber Training Range - Classroom Practice",
|
"expanded": "Cyber Training Range - Classroom Practice",
|
||||||
"description": "A cyber range provides an environment to practice network operation skills. It should represent real-world scenarios and offer isolation from other networks to contain malicious activity. In this training type, complex attacks take place in a simulated environment. The participants perform divers educational hands-on activities according to their role. In these trainings the roles that are not covered by participants are simulated or covered by the instructors. Trainings can be classroom practice."
|
"description": "A cyber range provides an environment to practice network operation skills. It should represent real-world scenarios and offer isolation from other networks to contain malicious activity. In this training type, complex attacks take place in a simulated environment. The participants perform divers educational hands-on activities according to their role. In these trainings the roles that are not covered by participants are simulated or covered by the instructors. Trainings can be classroom practice."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "cyber-training-range-single-team-training",
|
"value": "cyber-training-range-single-team-training",
|
||||||
"expanded": "Cyber Training Range - Single Team Training",
|
"expanded": "Cyber Training Range - Single Team Training",
|
||||||
"description": "A cyber range provides an environment to practice network operation skills. It should represent real-world scenarios and offer isolation from other networks to contain malicious activity. In this training type, complex attacks take place in a simulated environment. The participants perform divers educational hands-on activities according to their role. In these trainings the roles that are not covered by participants are simulated or covered by the instructors. Trainings can be single team trainings."
|
"description": "A cyber range provides an environment to practice network operation skills. It should represent real-world scenarios and offer isolation from other networks to contain malicious activity. In this training type, complex attacks take place in a simulated environment. The participants perform divers educational hands-on activities according to their role. In these trainings the roles that are not covered by participants are simulated or covered by the instructors. Trainings can be single team trainings."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "cyber-training-range-multiple-team-training",
|
"value": "cyber-training-range-multiple-team-training",
|
||||||
"expanded": "Cyber Training Range - Multiple Team Training",
|
"expanded": "Cyber Training Range - Multiple Team Training",
|
||||||
"description": "A cyber range provides an environment to practice network operation skills. It should represent real-world scenarios and offer isolation from other networks to contain malicious activity. In this training type, complex attacks take place in a simulated environment. The participants perform divers educational hands-on activities according to their role. In these trainings the roles that are not covered by participants are simulated or covered by the instructors. Trainings can be multiple team trainings."
|
"description": "A cyber range provides an environment to practice network operation skills. It should represent real-world scenarios and offer isolation from other networks to contain malicious activity. In this training type, complex attacks take place in a simulated environment. The participants perform divers educational hands-on activities according to their role. In these trainings the roles that are not covered by participants are simulated or covered by the instructors. Trainings can be multiple team trainings."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "project-approach",
|
"value": "project-approach",
|
||||||
"expanded": "Project Approach",
|
"expanded": "Project Approach",
|
||||||
"description": "In this type of training, hands-on projects are to be completed during the training. Thereby, the participants learn and understand the basic concepts of security. During the projects, the teachers can intervene and control the learning process."
|
"description": "In this type of training, hands-on projects are to be completed during the training. Thereby, the participants learn and understand the basic concepts of security. During the projects, the teachers can intervene and control the learning process."
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"predicate": "scenario",
|
"predicate": "scenario",
|
||||||
"entry": [
|
"entry": [
|
||||||
{
|
{
|
||||||
"value": "supervised",
|
"value": "supervised",
|
||||||
"expanded": "Supervision: Supervised",
|
"expanded": "Supervision: Supervised",
|
||||||
"description": "Describes if the training is supervised. For instance, cyber range trainings are typically supervised."
|
"description": "Describes if the training is supervised. For instance, cyber range trainings are typically supervised."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "unsupervised",
|
"value": "unsupervised",
|
||||||
"expanded": "Supervision: Unsupervised",
|
"expanded": "Supervision: Unsupervised",
|
||||||
"description": "Describes if the training is unsupervised. For instance, jeopardy CTF are usually unsupervised."
|
"description": "Describes if the training is unsupervised. For instance, jeopardy CTF are usually unsupervised."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "free-multiple-choice",
|
"value": "free-multiple-choice",
|
||||||
"expanded": "Style: Free-/Multiple Choice",
|
"expanded": "Style: Free-/Multiple Choice",
|
||||||
"description": "Decribes the challenges within the training as Free-/Multi Choice. (can be the case with CTFs)"
|
"description": "Decribes the challenges within the training as Free-/Multi Choice. (can be the case with CTFs)"
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "problem-driven",
|
"value": "problem-driven",
|
||||||
"expanded": "Style: Problem-Driven",
|
"expanded": "Style: Problem-Driven",
|
||||||
"description": "Describes the challenge within the training as Problem-driven.
|
"description": "Describes the challenge within the training as Problem-driven."
|
||||||
"
|
},
|
||||||
},
|
{
|
||||||
{
|
"value": "storyline-driven",
|
||||||
"value": "storyline-driven",
|
"expanded": "Style: Storyline-Driven",
|
||||||
"expanded": "Style: Storyline-Driven",
|
"description": "Describes the challenge within the training as Storyline-driven."
|
||||||
"description": "Describes the challenge within the training as Storyline-driven."
|
},
|
||||||
},
|
{
|
||||||
{
|
"value": "challenges-target-network",
|
||||||
"value": "challenges-target-network",
|
"expended": "Challenges: Network Target",
|
||||||
"expended": "Challenges: Network Target",
|
"description": "The target in this challenge is network."
|
||||||
"description": "The target in this challenge is network."
|
},
|
||||||
},
|
{
|
||||||
{
|
"value": "challenges-target-host",
|
||||||
"value": "challenges-target-host",
|
"expended": "Challenges: Host Target",
|
||||||
"expended": "Challenges: Host Target",
|
"description": "The target in this challenge is host."
|
||||||
"description": "The target in this challenge is host."
|
},
|
||||||
},
|
{
|
||||||
{
|
"value": "challenges-target-application",
|
||||||
"value": "challenges-target-application",
|
"expended": "Challenges: Application Target",
|
||||||
"expended": "Challenges: Application Target",
|
"description": "The target in this challenge is application."
|
||||||
"description": "The target in this challenge is application."
|
},
|
||||||
},
|
{
|
||||||
{
|
"value": "challenges-target-protocol",
|
||||||
"value": "challenges-target-protocol",
|
"expended": "Challenges: Protocol Target",
|
||||||
"expended": "Challenges: Protocol Target",
|
"description": "The target in this challenge is protocol."
|
||||||
"description": "The target in this challenge is protocol."
|
},
|
||||||
},
|
{
|
||||||
{
|
"value": "challenges-target-data",
|
||||||
"value": "challenges-target-data",
|
"expended": "Challenges: Data Target",
|
||||||
"expended": "Challenges: Data Target",
|
"description": "The target in this challenge is data."
|
||||||
"description": "The target in this challenge is data."
|
},
|
||||||
},
|
{
|
||||||
{
|
"value": "challenges-target-person",
|
||||||
"value": "challenges-target-person",
|
"expended": "Challenges: Person Target",
|
||||||
"expended": "Challenges: Person Target",
|
"description": "The target in this challenge is person."
|
||||||
"description": "The target in this challenge is person."
|
},
|
||||||
},
|
{
|
||||||
{
|
"value": "challenges-target-physical",
|
||||||
"value": "challenges-target-physical",
|
"expended": "Challenges: Physical Target",
|
||||||
"expended": "Challenges: Physical Target",
|
"description": "The target in this challenge is physical."
|
||||||
"description": "The target in this challenge is physical."
|
},
|
||||||
},
|
{
|
||||||
{
|
"value": "challenges-type-foot-printing",
|
||||||
"value": "challenges-type-foot-printing",
|
"expended": "Challenges: Foot-printing Type",
|
||||||
"expended": "Challenges: Foot-printing Type",
|
"description": "Foot-printing is needed to solve this challenge."
|
||||||
"description": "Foot-printing is needed to solve this challenge."
|
},
|
||||||
},
|
{
|
||||||
{
|
"value": "challenges-type-scanning",
|
||||||
"value": "challenges-type-scanning",
|
"expended": "Challenges: Scanning Type",
|
||||||
"expended": "Challenges: Scanning Type",
|
"description": "Scanning is needed to solve this challenge."
|
||||||
"description": "Scanning is needed to solve this challenge."
|
},
|
||||||
},
|
{
|
||||||
{
|
"value": "challenges-type-enumeration",
|
||||||
"value": "challenges-type-enumeration",
|
"expended": "Challenges: Enumeration Type",
|
||||||
"expended": "Challenges: Enumeration Type",
|
"description": "Enumeration is needed to solve this challenge."
|
||||||
"description": "Enumeration is needed to solve this challenge."
|
},
|
||||||
},
|
{
|
||||||
{
|
"value": "challenges-type-pivoting",
|
||||||
"value": "challenges-type-pivoting",
|
"expended": "Challenges: Pivoting Type",
|
||||||
"expended": "Challenges: Pivoting Type",
|
"description": "Pivoting is needed to solve this challenge."
|
||||||
"description": "Pivoting is needed to solve this challenge."
|
},
|
||||||
},
|
{
|
||||||
{
|
"value": "challenges-type-exploitation",
|
||||||
"value": "challenges-type-exploitation",
|
"expended": "Challenges: Exploitation Type",
|
||||||
"expended": "Challenges: Exploitation Type",
|
"description": "Exploitation is needed to solve this challenge."
|
||||||
"description": "Exploitation is needed to solve this challenge."
|
},
|
||||||
},
|
{
|
||||||
{
|
"value": "challenges-type-privilege-escalation",
|
||||||
"value": "challenges-type-privilege-escalation",
|
"expended": "Challenges: Privilege escalation Type",
|
||||||
"expended": "Challenges: Privilege escalation Type",
|
"description": "Privilege escalation is needed to solve this challenge."
|
||||||
"description": "Privilege escalation is needed to solve this challenge."
|
},
|
||||||
},
|
{
|
||||||
{
|
"value": "challenges-type-covering-tracks",
|
||||||
"value": "challenges-type-covering-tracks",
|
"expended": "Challenges: Covering tracks Type",
|
||||||
"expended": "Challenges: Covering tracks Type",
|
"description": "Covering tracks is needed to solve this challenge."
|
||||||
"description": "Covering tracks is needed to solve this challenge."
|
},
|
||||||
},
|
{
|
||||||
{
|
"value": "challenges-type-maintaining",
|
||||||
"value": "challenges-type-maintaining",
|
"expended": "Challenges: maintaining Type",
|
||||||
"expended": "Challenges: maintaining Type",
|
"description": "Maintaining access is needed to solve this challenge."
|
||||||
"description": "Maintaining access is needed to solve this challenge."
|
}
|
||||||
}
|
]
|
||||||
]
|
}
|
||||||
}
|
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,157 +1,158 @@
|
||||||
{
|
{
|
||||||
"namespace": "interactive-cyber-training-training-setup",
|
"namespace": "interactive-cyber-training-training-setup",
|
||||||
"description": "The training setup further describes the training itself with the scoring, roles,
|
"description": "The training setup further describes the training itself with the scoring, roles, the training mode as well as the customization level.",
|
||||||
the training mode as well as the customization level.",
|
|
||||||
"version": 1,
|
"version": 1,
|
||||||
"refs": ["https://arxiv.org/abs/2101.05538"],
|
"refs": [
|
||||||
|
"https://arxiv.org/abs/2101.05538"
|
||||||
|
],
|
||||||
"expanded": "Interactive Cyber Training - Training Setup",
|
"expanded": "Interactive Cyber Training - Training Setup",
|
||||||
"predicates": [
|
"predicates": [
|
||||||
{
|
{
|
||||||
"value": "scoring",
|
"value": "scoring",
|
||||||
"expanded": "Scoring",
|
"expanded": "Scoring",
|
||||||
"description": "Scoring is not only used in competition-oriented training like CTF but also to motivate participants, give feedback, track the progress. The scoring can be based, but is not limited to monitoring systems, defined objectives, or over-the-shoulder evaluation mechanisms."
|
"description": "Scoring is not only used in competition-oriented training like CTF but also to motivate participants, give feedback, track the progress. The scoring can be based, but is not limited to monitoring systems, defined objectives, or over-the-shoulder evaluation mechanisms."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "roles",
|
"value": "roles",
|
||||||
"expanded": "Roles",
|
"expanded": "Roles",
|
||||||
"description": "Participants in a training are split in different teams, according to their skills, role and tasks."
|
"description": "Participants in a training are split in different teams, according to their skills, role and tasks."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "training-mode",
|
"value": "training-mode",
|
||||||
"expanded": "Training Mode",
|
"expanded": "Training Mode",
|
||||||
"description": "Defines whether the training opposes singles persons, teams or groups."
|
"description": "Defines whether the training opposes singles persons, teams or groups."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "customization-level",
|
"value": "customization-level",
|
||||||
"expanded": "Customization Level",
|
"expanded": "Customization Level",
|
||||||
"description": "Defines the level of customization of the training."
|
"description": "Defines the level of customization of the training."
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"values": [
|
"values": [
|
||||||
{
|
{
|
||||||
"predicate": "scoring",
|
"predicate": "scoring",
|
||||||
"entry": [
|
"entry": [
|
||||||
{
|
{
|
||||||
"value": "no-scoring",
|
"value": "no-scoring",
|
||||||
"expanded": "No Scoring",
|
"expanded": "No Scoring",
|
||||||
"description": "The training have no type of scoring."
|
"description": "The training have no type of scoring."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "assessment-static",
|
"value": "assessment-static",
|
||||||
"expanded": "Assessment: Static",
|
"expanded": "Assessment: Static",
|
||||||
"description": "The scoring in this variant relies on the static setting of different scores for tasks and objectives, possibly incluing a degree of difficulty as well."
|
"description": "The scoring in this variant relies on the static setting of different scores for tasks and objectives, possibly incluing a degree of difficulty as well."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "assessment-dynamic",
|
"value": "assessment-dynamic",
|
||||||
"expanded": "Assessment: Dynamic",
|
"expanded": "Assessment: Dynamic",
|
||||||
"description": "The scoring in this variant is set dynamically using mathematical functions or dynamic methods such as teh Elo Rating System."
|
"description": "The scoring in this variant is set dynamically using mathematical functions or dynamic methods such as teh Elo Rating System."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "awarding-manual",
|
"value": "awarding-manual",
|
||||||
"expanded": "Awarding: Manual",
|
"expanded": "Awarding: Manual",
|
||||||
"description": "Awards are given manually."
|
"description": "Awards are given manually."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "awarding-automatic",
|
"value": "awarding-automatic",
|
||||||
"expanded": "Awarding: Automatic",
|
"expanded": "Awarding: Automatic",
|
||||||
"description": "Awards are given automatically."
|
"description": "Awards are given automatically."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "awarding-mixed",
|
"value": "awarding-mixed",
|
||||||
"expanded": "Awarding: Mixed",
|
"expanded": "Awarding: Mixed",
|
||||||
"description": "Awards are given manually and/or automatically."
|
"description": "Awards are given manually and/or automatically."
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"predicate": "roles",
|
"predicate": "roles",
|
||||||
"entry": [
|
"entry": [
|
||||||
{
|
{
|
||||||
"value": "no-specific-role",
|
"value": "no-specific-role",
|
||||||
"expanded": "No specific Role",
|
"expanded": "No specific Role",
|
||||||
"description": "Individuals who do not fit into the defined teams can be assigned to this role."
|
"description": "Individuals who do not fit into the defined teams can be assigned to this role."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "transparent-team-observer-watcher",
|
"value": "transparent-team-observer-watcher",
|
||||||
"expanded": "Transparent Team - Observer/Watcher",
|
"expanded": "Transparent Team - Observer/Watcher",
|
||||||
"description": "Members of this team observe the training. Usually, these people have a defined purpose, but have no influence on the training itself. Possible purposes are learning about the training topic and roles, studying strategies of participants, or supervising employees."
|
"description": "Members of this team observe the training. Usually, these people have a defined purpose, but have no influence on the training itself. Possible purposes are learning about the training topic and roles, studying strategies of participants, or supervising employees."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "white-team-trainer-instructor",
|
"value": "white-team-trainer-instructor",
|
||||||
"expanded": "White Team - Trainer/Instructor",
|
"expanded": "White Team - Trainer/Instructor",
|
||||||
"description": "This team consists of instructors, referees, organizers, and training managers. They design the training scenario including objectives, rules, background story, and tasks. During the training, this team controls the progress and assigns tasks to the teams. These so-called injects also include simulated media, operation coordination, or law enforcement agencies. Giving hints for the training teams could also be part of this team."
|
"description": "This team consists of instructors, referees, organizers, and training managers. They design the training scenario including objectives, rules, background story, and tasks. During the training, this team controls the progress and assigns tasks to the teams. These so-called injects also include simulated media, operation coordination, or law enforcement agencies. Giving hints for the training teams could also be part of this team."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "green-team-organizer-admin",
|
"value": "green-team-organizer-admin",
|
||||||
"expanded": "Green Team - Organizer/Admin",
|
"expanded": "Green Team - Organizer/Admin",
|
||||||
"description": "The operators that are responsible for the exercise infrastructure build this team. Before a training, this team sets up and configures the environment and takes it down afterwards. During a training, it also monitors the environments health and handles problems that may arise."
|
"description": "The operators that are responsible for the exercise infrastructure build this team. Before a training, this team sets up and configures the environment and takes it down afterwards. During a training, it also monitors the environments health and handles problems that may arise."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "red-team-attacker",
|
"value": "red-team-attacker",
|
||||||
"expanded": "Red Team - Attacker",
|
"expanded": "Red Team - Attacker",
|
||||||
"description": "This team consists of people authorized and organized to model security adversaries. They are responsible to identify and exploit potential vulnerabilities present in the training environment. Depending on the training environment, the tasks can follow a predefined attack path."
|
"description": "This team consists of people authorized and organized to model security adversaries. They are responsible to identify and exploit potential vulnerabilities present in the training environment. Depending on the training environment, the tasks can follow a predefined attack path."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "blue-team-defender",
|
"value": "blue-team-defender",
|
||||||
"expanded": "Blue Team - Defender",
|
"expanded": "Blue Team - Defender",
|
||||||
"description": "The group of individuals that is responsible for defending the training environment. They deal with the red team’s attacks and secure the compromised networks. Guidelines for that team are the training rules and local cyber law."
|
"description": "The group of individuals that is responsible for defending the training environment. They deal with the red team’s attacks and secure the compromised networks. Guidelines for that team are the training rules and local cyber law."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "gray-team-bystander",
|
"value": "gray-team-bystander",
|
||||||
"expanded": "Gray Team - Bystander",
|
"expanded": "Gray Team - Bystander",
|
||||||
"description": "Bystanders of a training form this team. They do not necessarily have a specific intention or purpose, but an interest in the training event itself. It is also possible that this team interacts with participants and thereby unintentionally influences the training."
|
"description": "Bystanders of a training form this team. They do not necessarily have a specific intention or purpose, but an interest in the training event itself. It is also possible that this team interacts with participants and thereby unintentionally influences the training."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "yellow-team-insider",
|
"value": "yellow-team-insider",
|
||||||
"expanded": "Yellow Team - Insider",
|
"expanded": "Yellow Team - Insider",
|
||||||
"description": "Members of this team perform not only tasks like generating legitimate network traffic and user behavior but also perform erroneous actions that lead to vulnerabilities and attacks. This team can also include the regular system builders, like programmers, developers, and software engineers and architects."
|
"description": "Members of this team perform not only tasks like generating legitimate network traffic and user behavior but also perform erroneous actions that lead to vulnerabilities and attacks. This team can also include the regular system builders, like programmers, developers, and software engineers and architects."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "purple-team-bridge",
|
"value": "purple-team-bridge",
|
||||||
"expanded": "Purple Team - Bridge",
|
"expanded": "Purple Team - Bridge",
|
||||||
"description": "In a training, this team is a bridge between red and blue teams that helps to improve the performance of both. Through joint red-blue activities it improves the scope of the training participants. Goals are to maximize the Blue Teams capability and the effectiveness of Red Teams activities."
|
"description": "In a training, this team is a bridge between red and blue teams that helps to improve the performance of both. Through joint red-blue activities it improves the scope of the training participants. Goals are to maximize the Blue Teams capability and the effectiveness of Red Teams activities."
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"predicate": "training-mode",
|
"predicate": "training-mode",
|
||||||
"entry": [
|
"entry": [
|
||||||
{
|
{
|
||||||
"value": "single",
|
"value": "single",
|
||||||
"expanded": "Single",
|
"expanded": "Single",
|
||||||
"description": "A single player plays against others. Others can be real persons, butalso scripted opponents."
|
"description": "A single player plays against others. Others can be real persons, butalso scripted opponents."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "team",
|
"value": "team",
|
||||||
"expanded": "Team",
|
"expanded": "Team",
|
||||||
"description": "A team plays against others. In this alignments, each player can bring its expertise into the training, focussing on different aspects. Examples are Blue and Red Teams."
|
"description": "A team plays against others. In this alignments, each player can bring its expertise into the training, focussing on different aspects. Examples are Blue and Red Teams."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "cross-group",
|
"value": "cross-group",
|
||||||
"expanded": "Cross-Group",
|
"expanded": "Cross-Group",
|
||||||
"description": "A group plays against others. In this setting, the group members might not know each other. Example are CTF competitions and training for the entire organization in a breach scenario."
|
"description": "A group plays against others. In this setting, the group members might not know each other. Example are CTF competitions and training for the entire organization in a breach scenario."
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"predicate": "customization-level",
|
"predicate": "customization-level",
|
||||||
"entry": [
|
"entry": [
|
||||||
{
|
{
|
||||||
"value": "general",
|
"value": "general",
|
||||||
"expanded": "General",
|
"expanded": "General",
|
||||||
"description": "A general purpose training setup is not, or only little customized. This variant is suited for an entry level training or to learn about general processes without regard to the underlying setup."
|
"description": "A general purpose training setup is not, or only little customized. This variant is suited for an entry level training or to learn about general processes without regard to the underlying setup."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "specific",
|
"value": "specific",
|
||||||
"expanded": "Specific",
|
"expanded": "Specific",
|
||||||
"description": "The training setup can be customized for a specific training goal or target audience. Examples for this variant are specific trainings within the High School education or for the health sector."
|
"description": "The training setup can be customized for a specific training goal or target audience. Examples for this variant are specific trainings within the High School education or for the health sector."
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
"value": "individual",
|
"value": "individual",
|
||||||
"expanded": "Individual",
|
"expanded": "Individual",
|
||||||
"description": "The most tailored variant is an individual customization. Hereby, the training setup corresponds to a real environment in the best possible way. Exemplary uses of this variant are the training of teams in their environment or the training of new expert-level employees."
|
"description": "The most tailored variant is an individual customization. Hereby, the training setup corresponds to a real environment in the best possible way. Exemplary uses of this variant are the training of teams in their environment or the training of new expert-level employees."
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
]
|
]
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue