9 thoughts on “Which option is a misuse variety per VERIS enumerations?”
VERIS classification note: There is an action category for Hacking and for Misuse. Both can utilize similar vectors and achieve similar results; in Misuse, the actor was granted access/privileges (and used them inappropriately), whereas, with Hacking, access/privileges are obtained illegitimately.
VERIS classification note: There is an action category for Hacking and for Misuse. Both can utilize similar vectors and achieve similar results; in Misuse, the actor was granted access/privileges (and used them inappropriately), whereas with Hacking, access/privileges are obtained illegitimately.
Agree question is baldly designed and can be interpreted in different ways.
Within the Actions category there are 4 sub categories: Hacking, Social, Malware and Misuse. So you could possibly answer B: Hacking at this level. However, the question does ask specifically about misuse variety and within the actual Misuse category A,B or C could be construed from the misuse categories.
Becuase none of the 4 answers are actually referenced specifically I would be tempted to go for the the higher level answer B: Hacking category as opposed to the variety categories
Thoughts anyone????
ACTION.PHYSICAL.VARIETY
Assault: Assault (threats or acts of physical violence)
Sabotage: Sabotage (deliberate damaging or disabling)
Snooping: Snooping (sneak about to gain info or access)
Surveillance: Surveillance (monitoring and observation)
Tampering: Tampering (alter physical form or function)
Theft: Theft (taking assets without permission)
Wiretapping: Wiretapping (Physical tap to comms line)
Unknown: Unknown
Other: Other
3 of them are here:
A. snooping
C. theft
D. assault
Knowledge abuse: Abuse of private or entrusted knowledge
Privilege abuse: Abuse of system access privileges
Embezzlement: Embezzlement, skimming, and related fraud
Data mishandling: Handling of data in an unapproved manner
Email misuse: Inappropriate use of email or IM
Net misuse: Inappropriate use of network or Web access
Illicit content: Storage or distribution of illicit content
Unapproved workaround: Unapproved workaround or shortcut
Unapproved hardware: Use of unapproved hardware or devices
Unapproved software: Use of unapproved software or services
Unknown: Unknown
Other: Other
ACTION.MISUSE.VECTOR
Physical access: Physical access within corporate facility
LAN access: Local network access within corporate facility
Remote access: Remote access connection to corporate network (i.e. VPN)
Non-corporate: Non-corporate facilities or networks
Unknown: Unknown
Other: Other
VERIS classification note: There is an action category for Hacking and for Misuse. Both can utilize similar vectors and achieve similar results; in Misuse, the actor was granted access/privileges (and used them inappropriately), whereas, with Hacking, access/privileges are obtained illegitimately.
http://veriscommunity.net/actions.html#section-social
I agree with you @ ally
it has to be spooking where the user has over extend his limit
sorry i meant to say SNOOPING
I think this is the explanation why B is the answer.
From: http://veriscommunity.net/actions.html#section-misuse
VERIS classification note: There is an action category for Hacking and for Misuse. Both can utilize similar vectors and achieve similar results; in Misuse, the actor was granted access/privileges (and used them inappropriately), whereas with Hacking, access/privileges are obtained illegitimately.
Agree question is baldly designed and can be interpreted in different ways.
Within the Actions category there are 4 sub categories: Hacking, Social, Malware and Misuse. So you could possibly answer B: Hacking at this level. However, the question does ask specifically about misuse variety and within the actual Misuse category A,B or C could be construed from the misuse categories.
Becuase none of the 4 answers are actually referenced specifically I would be tempted to go for the the higher level answer B: Hacking category as opposed to the variety categories
Thoughts anyone????
B is the correct answer
from: http://veriscommunity.net/enums.html
ACTION.PHYSICAL.VARIETY
Assault: Assault (threats or acts of physical violence)
Sabotage: Sabotage (deliberate damaging or disabling)
Snooping: Snooping (sneak about to gain info or access)
Surveillance: Surveillance (monitoring and observation)
Tampering: Tampering (alter physical form or function)
Theft: Theft (taking assets without permission)
Wiretapping: Wiretapping (Physical tap to comms line)
Unknown: Unknown
Other: Other
3 of them are here:
A. snooping
C. theft
D. assault
¿¿¿???
from: http://veriscommunity.net/enums.html
ACTION.MISUSE.VARIETY
Knowledge abuse: Abuse of private or entrusted knowledge
Privilege abuse: Abuse of system access privileges
Embezzlement: Embezzlement, skimming, and related fraud
Data mishandling: Handling of data in an unapproved manner
Email misuse: Inappropriate use of email or IM
Net misuse: Inappropriate use of network or Web access
Illicit content: Storage or distribution of illicit content
Unapproved workaround: Unapproved workaround or shortcut
Unapproved hardware: Use of unapproved hardware or devices
Unapproved software: Use of unapproved software or services
Unknown: Unknown
Other: Other
ACTION.MISUSE.VECTOR
Physical access: Physical access within corporate facility
LAN access: Local network access within corporate facility
Remote access: Remote access connection to corporate network (i.e. VPN)
Non-corporate: Non-corporate facilities or networks
Unknown: Unknown
Other: Other
something is wrong with this question