Standard Users – UB Network
UB – User Behaviour; Rp – Related Page; K – KQL Queries; W – WebSites; M – MITRE ATT&CK Reference
SCKIPT User Behaviour Matrix (Standard Users)

| Source (UB) | Case Scenario (C) | Known Interactions (K) | Protection (P) | Threats (T) |
|---|---|---|---|---|
| UB4. Network | UB4.C1 – Web Surfing | UB4.C1.K1 – Establish communications; UB4.C1.K2 – Use plugins on websites; UB4.C1.K3 – Use distinct browsers | UB4.C1.K1.P1 – Enforce the latest version of TLS, enforce strong cipher suite algorithms, enforce highest curve encryption methods; UB4.C1.K3.P1 – Restrict allowed browsers to navigate | UB4.C1.K1.T1 – Unencrypted or risky communications; low/risk cipher suite algorithms; low/risk curve encryption established; old and vulnerable TLS versions |
| UB4. Network | UB4.C2 – Web Actions | UB4.C2.K1 – Click on web links; UB4.C2.K2 – Download files | UB4.C2.K1.P1 – Use a link checker; UB4.C2.K2.P1 – Validate file extensions; UB4.C2.K2.P2 – Validate file hashes with threat intelligence sources | UB4.C2.K1.T1 – Phishing and fake login pages; UB4.C2.K2.T1 – Download malicious files |



