Apply appropriate countermeasures
https://tryhackme.com/room/opsec |
Countermeasures are designed to prevent an adversary from detecting critical information, provide an alternative interpretation of critical information or indicators (deception), or deny the adversary’s collection system.
Example: The countermeasure for the vulnerability of running Nmap, using the Metasploit framework, and hosting the phishing pages using the same public IP address, seems obvious: Use a different IP address for each activity.
Example: For the vulnerability of an unsecured database used to store data received from a phishing page, ensure that the database is adequately secured so that the data cannot be accessed except by authorised people.