diff --git a/lib/quadblockquiz_web/templates/layout/root.html.heex b/lib/quadblockquiz_web/templates/layout/root.html.heex index 4d7ab8da..545819dc 100644 --- a/lib/quadblockquiz_web/templates/layout/root.html.heex +++ b/lib/quadblockquiz_web/templates/layout/root.html.heex @@ -62,10 +62,10 @@ - diff --git a/lib/quadblockquiz_web/templates/layout/tailwind.html.heex b/lib/quadblockquiz_web/templates/layout/tailwind.html.heex index 0542120b..ac1ba90d 100644 --- a/lib/quadblockquiz_web/templates/layout/tailwind.html.heex +++ b/lib/quadblockquiz_web/templates/layout/tailwind.html.heex @@ -53,10 +53,10 @@ class="max-h-32" /> - diff --git a/mix.exs b/mix.exs index 82138741..075766bd 100644 --- a/mix.exs +++ b/mix.exs @@ -5,7 +5,7 @@ defmodule Quadblockquiz.MixProject do [ app: :quadblockquiz, description: "Descri'be", - version: "1.0.4", + version: "1.0.6", elixir: "~> 1.15.4", elixirc_paths: elixirc_paths(Mix.env()), start_permanent: Mix.env() == :prod, diff --git a/priv/static/images/oca.jpeg b/priv/static/images/oca.jpeg new file mode 100644 index 00000000..19d842a6 Binary files /dev/null and b/priv/static/images/oca.jpeg differ diff --git a/qna/0start/028.cat.md b/qna/0start/028.cat.md index 09f0d2ef..9af68801 100644 --- a/qna/0start/028.cat.md +++ b/qna/0start/028.cat.md @@ -14,18 +14,18 @@ gets you at least one of each of the powerups. Other categories include: - Sponsors - this category has the most :Superpower powerups so definitely spend some time with the Sponsors - Automation - this category has a mix of powerups -- CACAO - fill in -- CSAF - fill in -- IoB - fill in -- Kestrel - fill in -- OCA (Open Cybersecurity Alliance) - fill in -- OpenC2 - fill in +- CACAO - this category has a mix of powerups +- CSAF - this category has a mix of powerups +- IoB - this category has a mix of powerups +- Kestrel - this category has a mix of powerups +- OCA (Open Cybersecurity Alliance) - this category has a mix of powerups +- OpenC2 - this category has a mix of powerups - Phoenix - this category has many :ClearBlocks powerups (phoenix = rebirth) -- Risk - fill in -- STIX - fillin -- SBOM- fill in -- Supply Chain - fill in -- Village - fillin +- Risk - this category has a mix of powerups +- STIX - this category has a mix of powerups +- SBOM- this category has a mix of powerups +- Supply Chain - this category has a mix of powerups +- Village - this category has a mix of powerups # Question: Which category has the most :Superpower power-ups? diff --git a/qna/Sponsors/000.sponsors.md b/qna/Sponsors/000.sponsors.md index bea4800d..50dd49b5 100644 --- a/qna/Sponsors/000.sponsors.md +++ b/qna/Sponsors/000.sponsors.md @@ -21,7 +21,7 @@ can be traded in for any other powerup. Make sure to say thank you to our sponsors: - Peraton (host) - Cyware (lunch) -- OASIS (logistics) +- OCA (logistics) - sFractal Consulting (this game, contest prizes) - Podii (software support to this game) - Briar Cutter (creative support to this game) @@ -35,7 +35,7 @@ Which of the following was NOT a sponsor of QuadBlockQuiz or the Cybersecurity A - Cyware - Darkside - Grox.io -- OASIS +- OCA - Peraton - Podii - sFractal Consulting diff --git a/qna/Sponsors/002.sponsors.md b/qna/Sponsors/002.sponsors.md index d06b9ec6..b478f446 100644 --- a/qna/Sponsors/002.sponsors.md +++ b/qna/Sponsors/002.sponsors.md @@ -21,7 +21,7 @@ can be traded in for any other powerup. Make sure to say thank you to our sponsors: - Peraton (host) - Cyware (lunch) -- OASIS (logistics) +- OCA (logistics) - sFractal Consulting (this game, contest prizes) - Podii (software support to this game) - Briar Cutter (creative support to this game) @@ -34,7 +34,7 @@ Which sponsor was the host of the Cybersecurity Automation Village this year? - Briar Cutter - Cyware - Grox.io -- OASIS +- OCA - Peraton - Podii - sFractal Consulting diff --git a/qna/Sponsors/004.sponsors.md b/qna/Sponsors/004.sponsors.md index ed983b7b..932e332d 100644 --- a/qna/Sponsors/004.sponsors.md +++ b/qna/Sponsors/004.sponsors.md @@ -21,7 +21,7 @@ can be traded in for any other powerup. Make sure to say thank you to our sponsors: - Peraton (host) - Cyware (lunch) -- OASIS (logistics) +- OCA (logistics) - sFractal Consulting (this game, contest prizes) - Podii (software support to this game) - Briar Cutter (creative support to this game) @@ -34,7 +34,7 @@ Which sponsor was supplied lunch to the Cybersecurity Automation Village this ye - Briar Cutter - Cyware - Grox.io -- OASIS +- OCA - Peraton - Podii - sFractal Consulting diff --git a/qna/Sponsors/006.sponsors.md b/qna/Sponsors/006.sponsors.md index 5e516169..4f426481 100644 --- a/qna/Sponsors/006.sponsors.md +++ b/qna/Sponsors/006.sponsors.md @@ -13,7 +13,7 @@ by answering the questions correctly. Make sure to say thank you to our sponsors: - Peraton (host) - Cyware (lunch) -- OASIS (logistics) +- OCA (logistics) - sFractal Consulting (this game, contest prizes) - Podii (software support to this game) - Briar Cutter (creative support to this game) @@ -26,7 +26,7 @@ Which sponsor was the logistical support of the Cybersecurity Automation Village - Briar Cutter - Cyware - Grox.io -- OASIS +- OCA - Peraton - Podii - sFractal Consulting diff --git a/qna/Sponsors/008.sponsors.md b/qna/Sponsors/008.sponsors.md index 401e3149..915c28d3 100644 --- a/qna/Sponsors/008.sponsors.md +++ b/qna/Sponsors/008.sponsors.md @@ -8,7 +8,7 @@ Make sure to say thank you to our sponsors: - Peraton (host) - Cyware (lunch) -- OASIS (logistics) +- OCA (logistics) - sFractal Consulting (this game, contest prizes) - Podii (software support to this game) - Briar Cutter (creative support to this game) @@ -18,7 +18,7 @@ Make sure to say thank you to our sponsors: Which sponsors were responsible for QuadBlockQuiz? ## Answers -- Cyware, OASIS, Peraton +- Cyware, OCA, Peraton - AWS, Google, Microsoft - sFractal Consulting, Podii, Briar Cutter, Grox.io - Anonymous, Darkside, REvil, Lazarus diff --git a/qna/Sponsors/018.oasis.md b/qna/Sponsors/018.oasis.md index 2ddfda3f..e83f69bf 100644 --- a/qna/Sponsors/018.oasis.md +++ b/qna/Sponsors/018.oasis.md @@ -12,7 +12,7 @@ In the past, sudden tsunamis, tornadoes and flash floods took communities by sur OASIS Open is an established non-profit organization where individuals, organizations and governments come together to solve some of the world’s biggest technical challenges through the development of open code and open standards. QR codes, the Common Alerting Protocol (CAP), and the projects at this village are only a few of these open, fair, and transparent standards, which are transforming our world in a positive way, every day. -OASIS Open provided the logistical support for this year's Cybersecurity Automation Village. +The Open Cybersecurity Alliance (OCA), logistical sponsor of the village, is an OASIS Open Project. # Question: Which of the following standards were developed at OASIS Open? diff --git a/qna/csaf/010.md b/qna/csaf/010.md index c202e704..f946f543 100644 --- a/qna/csaf/010.md +++ b/qna/csaf/010.md @@ -6,7 +6,7 @@ ## VEX VEX stands for “Vulnerability Exploitability eXchange.” CSAF stands for "Common Security Advisory Format". -CSAF is an OASIS Standard that has a VEX profile which +CSAF is an OASIS Standard that has a VEX profile which allows a software supplier or other parties to assert the status of specific vulnerabilities in a particular product or product line. diff --git a/qna/kestrel/010.md b/qna/kestrel/010.md index a8e17632..7dedaa96 100644 --- a/qna/kestrel/010.md +++ b/qna/kestrel/010.md @@ -4,14 +4,35 @@ --- ## Kestrel -need something +Kestrel is a threat hunting language which +provides an abstraction for threat hunters to focus on what to hunt instead of how to hunt. + +Kestrel is a threat hunting language aiming to make cyber threat hunting fast by providing +a layer of abstraction to build reusable, composable, and shareable hunt-flow. + +What does it mean by hunt fast? + +- Do NOT write the same IoB pattern in different data source queries. +- Do NOT write one-time-use adapaters to connect hunt steps. +- Do NOT waste your existing analytic scripts/programs in future hunts. +- Do construct your hunt-flow from smaller reuseable hunt-flow. +- Do share your huntbook with your future self and your colleagues. +- Do get interactive feedback and revise hunt-flow on the fly. + +Besides being a threat hunting language, the namesake of the project is also a type of falcon. +The American Kestrel, is the smallest and most common falcon in North America. +Formerly called "sparrowhawk", +a misnomer as it is a true falcon and is unrelated genetically to the Eurasian sparrowhawk. # Question: -What is question? +Which of the following is untrue? ## Answers -- wrong answer -- right answer +- Kestrel allows threat hunters to share hunt-flows +- Kestrel makes cyber threat hunting fast +- Kestrel is a type of falcon +- With Kestrel, threat hunters can reuse hunt-flows +- Kestrel allows threat hunters to focus on how to hunt instead of what to hunt ## Score - Right:25 diff --git a/qna/kestrel/020.md b/qna/kestrel/020.md deleted file mode 100644 index a8e17632..00000000 --- a/qna/kestrel/020.md +++ /dev/null @@ -1,21 +0,0 @@ -%{ - type: "multi-choice" -} - ---- -## Kestrel -need something - -# Question: -What is question? - -## Answers -- wrong answer -- right answer - -## Score -- Right:25 -- Wrong:5 - -## Powerup -MoveBlock diff --git a/qna/kestrel/030.md b/qna/kestrel/030.md deleted file mode 100644 index a8e17632..00000000 --- a/qna/kestrel/030.md +++ /dev/null @@ -1,21 +0,0 @@ -%{ - type: "multi-choice" -} - ---- -## Kestrel -need something - -# Question: -What is question? - -## Answers -- wrong answer -- right answer - -## Score -- Right:25 -- Wrong:5 - -## Powerup -MoveBlock diff --git a/qna/kestrel/040.md b/qna/kestrel/040.md deleted file mode 100644 index a8e17632..00000000 --- a/qna/kestrel/040.md +++ /dev/null @@ -1,21 +0,0 @@ -%{ - type: "multi-choice" -} - ---- -## Kestrel -need something - -# Question: -What is question? - -## Answers -- wrong answer -- right answer - -## Score -- Right:25 -- Wrong:5 - -## Powerup -MoveBlock diff --git a/qna/kestrel/050.md b/qna/kestrel/050.md deleted file mode 100644 index a8e17632..00000000 --- a/qna/kestrel/050.md +++ /dev/null @@ -1,21 +0,0 @@ -%{ - type: "multi-choice" -} - ---- -## Kestrel -need something - -# Question: -What is question? - -## Answers -- wrong answer -- right answer - -## Score -- Right:25 -- Wrong:5 - -## Powerup -MoveBlock diff --git a/qna/oca/010.md b/qna/oca/010.md index 66ff432e..b2b7c7e6 100644 --- a/qna/oca/010.md +++ b/qna/oca/010.md @@ -4,14 +4,33 @@ --- ## Open Cybersecurity Alliance -need something +The Open Cybersecurity Alliance (OCA) is +making standards-based, interoperable cybersecurity a reality. +OCA develops standardized data interfaces +to support an open ecosystem where cybersecurity tools +interoperate without the need for custom integrations. + +OCA is a nonprofit, global collaboration of software providers, end users, +government agencies, research institutes +and individuals committed to enabling the free exchange of +information, insights, analytics, and response across cybersecurity tools. + +An open source project, OCA operates under the OASIS Open governance process, which ensures transparency, +inclusiveness, and safety, with a path to standardization in international policy and procurement. + # Question: -What is question? +What is OCA the abbreviation for? ## Answers -- wrong answer -- right answer +- Open Cybersecurity Alliance +- Open Cybersecurity Association +- Open Cyberspace Alliance +- Organization of Cybersecurity Allies +- Open Cyberspace Association +- Orthodox Church in America +- Organization of Chinese Americans + ## Score - Right:25 diff --git a/qna/oca/020.md b/qna/oca/020.md index 66ff432e..27552bed 100644 --- a/qna/oca/020.md +++ b/qna/oca/020.md @@ -4,14 +4,32 @@ --- ## Open Cybersecurity Alliance -need something +The Open Cybersecurity Alliance (OCA) is +making standards-based, interoperable cybersecurity a reality. +OCA develops standardized data interfaces +to support an open ecosystem where cybersecurity tools +interoperate without the need for custom integrations. + +OCA is a nonprofit, global collaboration of software providers, end users, +government agencies, research institutes +and individuals committed to enabling the free exchange of +information, insights, analytics, and response across cybersecurity tools. + +An open source project, OCA operates under the OASIS Open governance process, which ensures transparency, +inclusiveness, and safety, with a path to standardization in international policy and procurement. + # Question: -What is question? +OCA is a nonprofit operating under what governance process: ## Answers -- wrong answer -- right answer +- GitHub +- OASIS Open +- Linux Foundation +- Creative Commons +- Apache License 2.0 +- Open Cybersecurity Alliance + ## Score - Right:25 diff --git a/qna/oca/030.md b/qna/oca/030.md deleted file mode 100644 index 66ff432e..00000000 --- a/qna/oca/030.md +++ /dev/null @@ -1,21 +0,0 @@ -%{ - type: "multi-choice" -} - ---- -## Open Cybersecurity Alliance -need something - -# Question: -What is question? - -## Answers -- wrong answer -- right answer - -## Score -- Right:25 -- Wrong:5 - -## Powerup -MoveBlock diff --git a/qna/oca/040.md b/qna/oca/040.md deleted file mode 100644 index 66ff432e..00000000 --- a/qna/oca/040.md +++ /dev/null @@ -1,21 +0,0 @@ -%{ - type: "multi-choice" -} - ---- -## Open Cybersecurity Alliance -need something - -# Question: -What is question? - -## Answers -- wrong answer -- right answer - -## Score -- Right:25 -- Wrong:5 - -## Powerup -MoveBlock diff --git a/qna/oca/050.md b/qna/oca/050.md deleted file mode 100644 index 66ff432e..00000000 --- a/qna/oca/050.md +++ /dev/null @@ -1,21 +0,0 @@ -%{ - type: "multi-choice" -} - ---- -## Open Cybersecurity Alliance -need something - -# Question: -What is question? - -## Answers -- wrong answer -- right answer - -## Score -- Right:25 -- Wrong:5 - -## Powerup -MoveBlock diff --git a/qna/stix/010.md b/qna/stix/010.md index 69e5b30f..2500b3ab 100644 --- a/qna/stix/010.md +++ b/qna/stix/010.md @@ -4,14 +4,30 @@ --- ## STIX -need something +Structured Threat Information Expression (STIX) is a language and serialization format +used to exchange cyber threat intelligence (CTI). + +With STIX, an OASIS Open Standard, sharing and ingesting cyber threat intelligence becomes a lot easier. +With STIX, all aspects of suspicion, compromise and attribution can be represented clearly +with objects and descriptive relationships. +STIX information can be visually represented for an analyst or stored as JSON to be quickly machine readible. +STIX's openness allows for integration into existing tools and products +or utilized for your specific analyst or network needs. + +The Cybersecurity and Infrastructure Security Agency (CISA) uses STIX in it's +Automated Indicator Sharing (AIS) for sharing +threat activity context such as tactics, techniques, and procedures, vulnerabilities, and courses of action. +STIX is used in AIS with many Information Sharing and Analysis Centers (ISACs) including +Health ISAC, Multi-State ISAC, Water ISAC, Financial Services ISAC, Autommotive ISAC, and many more. # Question: -What is question? +What is STIX the abbreviation for? ## Answers -- wrong answer -- right answer +- It is not an abreviation but named after a knitting store in Bozeman, Montana +- Scientific and Technical Information eXchange +- Structured Threat Information eXpression +- Structured Threat Information eXchange ## Score - Right:25 diff --git a/qna/stix/020.md b/qna/stix/020.md deleted file mode 100644 index 69e5b30f..00000000 --- a/qna/stix/020.md +++ /dev/null @@ -1,21 +0,0 @@ -%{ - type: "multi-choice" -} - ---- -## STIX -need something - -# Question: -What is question? - -## Answers -- wrong answer -- right answer - -## Score -- Right:25 -- Wrong:5 - -## Powerup -MoveBlock diff --git a/qna/stix/030.md b/qna/stix/030.md deleted file mode 100644 index 69e5b30f..00000000 --- a/qna/stix/030.md +++ /dev/null @@ -1,21 +0,0 @@ -%{ - type: "multi-choice" -} - ---- -## STIX -need something - -# Question: -What is question? - -## Answers -- wrong answer -- right answer - -## Score -- Right:25 -- Wrong:5 - -## Powerup -MoveBlock diff --git a/qna/stix/040.md b/qna/stix/040.md deleted file mode 100644 index 69e5b30f..00000000 --- a/qna/stix/040.md +++ /dev/null @@ -1,21 +0,0 @@ -%{ - type: "multi-choice" -} - ---- -## STIX -need something - -# Question: -What is question? - -## Answers -- wrong answer -- right answer - -## Score -- Right:25 -- Wrong:5 - -## Powerup -MoveBlock diff --git a/qna/stix/050.md b/qna/stix/050.md deleted file mode 100644 index 69e5b30f..00000000 --- a/qna/stix/050.md +++ /dev/null @@ -1,21 +0,0 @@ -%{ - type: "multi-choice" -} - ---- -## STIX -need something - -# Question: -What is question? - -## Answers -- wrong answer -- right answer - -## Score -- Right:25 -- Wrong:5 - -## Powerup -MoveBlock