[Day 1] Frameworks Someone’s coming to town!
Explanation about different security frameworks
NIST Cyber security framework (CSF)
Focuses on these five functions: Identify -> Protect -> Detect -> Respond -> Recover. This helps an organization prioritize its investment in cybersecurity.
ISO 27000 Series
ISO 27001 and ISO 27002 help to implement an information security management system (ISMS). These standards are useful when you assess whether an institution or company meets cyber security requirements.
MITRE ATT&CK Framework
Helps to identify an adversary by looking at their Tactics, Techniques and Procedures (TTPs). It’s a mapping of techniques against attack phases.
Cyber Kill Chain
Describes 7 stages of an attack. This helps to understand the adversary’s tactics.
Unified Kill Chain (UKC)
Unification of MITRE ATT&CK and Cyber Kill Chain. It describes 18 phases of an attack based on TTPs of an adversary. The 18 phases split into 3 cycles:
In, Through and Out
To solve this task, you need to sort the 18 attack phases of the UKC into the right order.