「サイバーセキュリティ (2020夏)」第11-12回「実践的総合演習 II」 / Practical and Comprehensive Drill 2

「サイバーセキュリティ (2020夏)」第11-12回「実践的総合演習 II」 / Practical and Comprehensive Drill 2

2020年7月20日、早稲田大学 大学院経営管理研究科の「サイバーセキュリティ (2020夏)」第11-12回にて使用したスライドです。

847a328633b1df6b11cc2f72430025e6?s=128

Kenji Saito

July 20, 2020
Tweet

Transcript

  1. 2020 11-12 II (WBS) 2020 11-12 II — 2020-07-20 –

    p.1/29
  2. https://speakerdeck.com/ks91 ( ) WBS ( ) 2020 11-12 II —

    2020-07-20 – p.2/29
  3. 1 6 15 • 2 6 15 • 3 6

    22 • 4 6 22 • 5 6 29 I • 6 6 29 I • 7 7 6 • 8 7 6 • 9 7 13 • 10 7 13 • 11 7 20 II • 12 7 20 II • 13 7 27 14 7 27 2020 11-12 II — 2020-07-20 – p.3/29
  4. II 2020 11-12 II — 2020-07-20 – p.4/29

  5. 2020 11-12 II — 2020-07-20 – p.5/29

  6. 5. (1) (2) I Eats Eats 2020 7 16 (

    ) 23:59 JST ( ) Waseda Moodle 2020 11-12 II — 2020-07-20 – p.6/29
  7. . . . . . . 14 14 ( )

    ( ) . . . ( ) ^^; ( ) Eats 2020 11-12 II — 2020-07-20 – p.7/29
  8. T 1 100 ⇒ 2020 11-12 II — 2020-07-20 –

    p.8/29
  9. T ⇒ 2020 11-12 II — 2020-07-20 – p.9/29

  10. N ⇒ (introspection) 2020 11-12 II — 2020-07-20 – p.10/29

  11. S branch protection branch 2 merge ⇒ Eats 2020 11-12

    II — 2020-07-20 – p.11/29
  12. S ⇒ 2020 11-12 II — 2020-07-20 – p.12/29

  13. T ⇒ 2020 11-12 II — 2020-07-20 – p.13/29

  14. K CSO ⇒ 2021 “FinTech 2020 Fall” ( ) 2020

    11-12 II — 2020-07-20 – p.14/29
  15. 3 2020 9 23 ( ) 2020 11-12 II —

    2020-07-20 – p.15/29
  16. Eats https://demae-eats.com 7 CTO → Eats Kokutter CEO → 9

    1 Eats ( ) ( ) ( ) ( ) - + version 1.5 2020 11-12 II — 2020-07-20 – p.16/29
  17. Eats 2020 https://campaign2020.demae-eats.com ( : 9 18 ∼10 18 )

    2 , 5 B 2 3 2020 11-12 II — 2020-07-20 – p.17/29
  18. A , B COVID-19 C . . . HK D

    2050 100% E DX e-residency 2020 11-12 II — 2020-07-20 – p.18/29
  19. AI (NPC : Non Player Character) @ / Eats @ceo

    : : @cto : CTO ( ) : @eng : : , ( : Bitcoiner) @cr : ( / / ) : @pr : Eats : @ir : : @personnel : : @sns : Kokutter : @tv : TV : @police : ( ) : 2020 11-12 II — 2020-07-20 – p.19/29
  20. – (1/3) APT (Advanced Persistent Threat; ) : APT33 (

    ), APT29 ( ), APT38 ( ), etc. AWS (Amazon Web Services; ) Amazon.com Azure ( ) CNAME (Canonical Name record; ) DNS ( ) ( ) 2020 11-12 II — 2020-07-20 – p.20/29
  21. – (2/3) DNS (Domain Name System; ) IP memcached (memory

    cache daemon; ) < , > Web ( ) (public key certificate) ( ) 2020 11-12 II — 2020-07-20 – p.21/29
  22. – (3/3) (subdomain) DNS : demae-eats.com campaign2020.demae-eats.com (hacktivist) (hacktivism) 2020

    11-12 II — 2020-07-20 – p.22/29
  23. → 2020 11-12 II — 2020-07-20 – p.23/29

  24. 10 CSIRT (Computer Security Incident Response Team) 5 CSIRT Zoom

    (19:30∼) 5 ( ) CTO CSIRT Zoom 2020 11-12 II — 2020-07-20 – p.24/29
  25. II 10 21:45 21:45 10 21:55 2020 11-12 II —

    2020-07-20 – p.25/29
  26. 2020 11-12 II — 2020-07-20 – p.26/29

  27. 6. II (1) ( ) (2) 2020 7 23 (

    ) 23:59 JST ( ) Waseda Moodle 2020 11-12 II — 2020-07-20 – p.27/29
  28. (1 ) 2020 11-12 II — 2020-07-20 – p.28/29

  29. Zoom 2020 11-12 II — 2020-07-20 – p.29/29