updates

sparrell · Apr 5, 2024 · f3c854a · f3c854a
1 parent 1e12219
commit f3c854a
Show file tree

Hide file tree

Showing 17 changed files with 102 additions and 259 deletions.
diff --git a/mix.exs b/mix.exs
@@ -5,7 +5,7 @@ defmodule Quadblockquiz.MixProject do
     [
       app: :quadblockquiz,
       description: "Descri'be",
-      version: "1.0.5",
+      version: "1.0.6",
       elixir: "~> 1.15.4",
       elixirc_paths: elixirc_paths(Mix.env()),
       start_permanent: Mix.env() == :prod,

diff --git a/qna/0start/028.cat.md b/qna/0start/028.cat.md
@@ -14,18 +14,18 @@ gets you at least one of each of the powerups.
 Other categories include:
 - Sponsors - this category has the most :Superpower powerups so definitely spend some time with the Sponsors
 - Automation - this category has a mix of powerups
-- CACAO - fill in
-- CSAF - fill in
-- IoB - fill in
-- Kestrel - fill in
-- OCA (Open Cybersecurity Alliance) - fill in
-- OpenC2 - fill in
+- CACAO - this category has a mix of powerups
+- CSAF - this category has a mix of powerups
+- IoB - this category has a mix of powerups
+- Kestrel - this category has a mix of powerups
+- OCA (Open Cybersecurity Alliance) - this category has a mix of powerups
+- OpenC2 - this category has a mix of powerups
 - Phoenix - this category has many :ClearBlocks powerups (phoenix = rebirth)
-- Risk - fill in
-- STIX - fillin
-- SBOM- fill in
-- Supply Chain - fill in
-- Village - fillin
+- Risk - this category has a mix of powerups
+- STIX - this category has a mix of powerups
+- SBOM- this category has a mix of powerups
+- Supply Chain - this category has a mix of powerups
+- Village - this category has a mix of powerups
 
 # Question:
 Which category has the most :Superpower power-ups?

diff --git a/qna/kestrel/010.md b/qna/kestrel/010.md
@@ -4,14 +4,35 @@
 
 ---
 ## Kestrel
-need something
+Kestrel is a threat hunting language which
+provides an abstraction for threat hunters to focus on what to hunt instead of how to hunt.
+
+Kestrel is a threat hunting language aiming to make cyber threat hunting fast by providing 
+a layer of abstraction to build reusable, composable, and shareable hunt-flow.
+
+What does it mean by hunt fast?
+
+- Do NOT write the same IoB pattern in different data source queries.
+- Do NOT write one-time-use adapaters to connect hunt steps.
+- Do NOT waste your existing analytic scripts/programs in future hunts.
+- Do construct your hunt-flow from smaller reuseable hunt-flow.
+- Do share your huntbook with your future self and your colleagues.
+- Do get interactive feedback and revise hunt-flow on the fly.
+
+Besides being a threat hunting language, the namesake of the project is also a type of falcon.
+The American Kestrel, is the smallest and most common falcon in North America. 
+Formerly called "sparrowhawk", 
+a misnomer as it is a true falcon and is unrelated genetically to the Eurasian sparrowhawk.
 
 # Question:
-What is question?
+Which of the following is untrue?
 
 ## Answers
-- wrong answer
-- right answer
+- Kestrel allows threat hunters to share hunt-flows 
+- Kestrel makes cyber threat hunting fast
+- Kestrel is a type of falcon
+- With Kestrel, threat hunters can reuse hunt-flows
+- Kestrel allows threat hunters to focus on how to hunt instead of what to hunt
 
 ## Score
 - Right:25

diff --git a/qna/kestrel/020.md b/qna/kestrel/020.md
diff --git a/qna/kestrel/030.md b/qna/kestrel/030.md
diff --git a/qna/kestrel/040.md b/qna/kestrel/040.md
diff --git a/qna/kestrel/050.md b/qna/kestrel/050.md
diff --git a/qna/oca/010.md b/qna/oca/010.md
@@ -4,14 +4,33 @@
 
 ---
 ## Open Cybersecurity Alliance
-need something
+The Open Cybersecurity Alliance (OCA) is
+making standards-based, interoperable cybersecurity a reality.
+OCA develops standardized data interfaces
+to support an open ecosystem where cybersecurity tools 
+interoperate without the need for custom integrations.
+
+OCA is a nonprofit, global collaboration of software providers, end users, 
+government agencies, research institutes 
+and individuals committed to enabling the free exchange of 
+information, insights, analytics, and response across cybersecurity tools. 
+
+An open source project, OCA operates under the OASIS Open governance process, which ensures transparency, 
+inclusiveness, and safety, with a path to standardization in international policy and procurement.
+
 
 # Question:
-What is question?
+What is OCA the abbreviation for?
 
 ## Answers
-- wrong answer
-- right answer
+- Open Cybersecurity Alliance
+- Open Cybersecurity Association
+- Open Cyberspace Alliance
+- Organization of Cybersecurity Allies
+- Open Cyberspace Association
+- Orthodox Church in America
+- Organization of Chinese Americans
+
 
 ## Score
 - Right:25

diff --git a/qna/oca/020.md b/qna/oca/020.md
@@ -4,14 +4,32 @@
 
 ---
 ## Open Cybersecurity Alliance
-need something
+The Open Cybersecurity Alliance (OCA) is
+making standards-based, interoperable cybersecurity a reality.
+OCA develops standardized data interfaces
+to support an open ecosystem where cybersecurity tools 
+interoperate without the need for custom integrations.
+
+OCA is a nonprofit, global collaboration of software providers, end users, 
+government agencies, research institutes 
+and individuals committed to enabling the free exchange of 
+information, insights, analytics, and response across cybersecurity tools. 
+
+An open source project, OCA operates under the OASIS Open governance process, which ensures transparency, 
+inclusiveness, and safety, with a path to standardization in international policy and procurement.
+
 
 # Question:
-What is question?
+OCA is a nonprofit operating under what governance process:
 
 ## Answers
-- wrong answer
-- right answer
+- GitHub 
+- OASIS Open
+- Linux Foundation
+- Creative Commons
+- Apache License 2.0
+- Open Cybersecurity Alliance
+
 
 ## Score
 - Right:25

diff --git a/qna/oca/030.md b/qna/oca/030.md
diff --git a/qna/oca/040.md b/qna/oca/040.md
diff --git a/qna/oca/050.md b/qna/oca/050.md
diff --git a/qna/stix/010.md b/qna/stix/010.md
@@ -4,14 +4,30 @@
 
 ---
 ## STIX
-need something
+Structured Threat Information Expression (STIX) is a language and serialization format 
+used to exchange cyber threat intelligence (CTI). 
+
+With STIX, an OASIS Open Standard, sharing and ingesting cyber threat intelligence becomes a lot easier. 
+With STIX, all aspects of suspicion, compromise and attribution can be represented clearly 
+with objects and descriptive relationships. 
+STIX information can be visually represented for an analyst or stored as JSON to be quickly machine readible. 
+STIX's openness allows for integration into existing tools and products 
+or utilized for your specific analyst or network needs.
+
+The Cybersecurity and Infrastructure Security Agency (CISA) uses STIX in it's 
+Automated Indicator Sharing (AIS) for sharing
+threat activity context such as tactics, techniques, and procedures, vulnerabilities, and courses of action.
+STIX is used in AIS with many Information Sharing and Analysis Centers (ISACs) including
+Health ISAC, Multi-State ISAC, Water ISAC, Financial Services ISAC, Autommotive ISAC, and many more.
 
 # Question:
-What is question?
+What is STIX the abbreviation for?
 
 ## Answers
-- wrong answer
-- right answer
+- It is not an abreviation but named after a knitting store in Bozeman, Montana
+- Scientific and Technical Information eXchange
+- Structured Threat Information eXpression
+- Structured Threat Information eXchange
 
 ## Score
 - Right:25

diff --git a/qna/stix/020.md b/qna/stix/020.md
diff --git a/qna/stix/030.md b/qna/stix/030.md