• What is the term for a person/group that has the intention to perform malicious actions against cyber resources?

Adversary Operator

• What is the term of the person or a group that will receive the benefits from the cyberattacks?

Adversary Customer

• What is the term that applies to the Diamond Model for organizations or people that are being targeted?

Victim Personae

• Provide the term for the set of tools or capabilities that belong to an adversary.

Adversary Arsenal

• To which type of infrastructure do malicious domains and compromised email accounts belong?

Type 2 Infrastructure

• What type of infrastructure is most likely owned by an adversary? 

Type 1 Infrastructure

• What meta-feature does the axiom "Every malicious activity contains two or more phases which must be successfully executed in succession to achieve the desired result" belong to?  

Phase

• You can label the event results as "success", "failure", and "unknown". What meta-feature is this related to? 

Result

• To what meta-feature is this phrase applicable "Every intrusion event requires one or more external resources to be satisfied prior to success"? 

Resources

• Complete all eight areas of the diamond. What is the flag that is displayed to you? 

THM{DIAMOND_MODEL_ATTACK_CHAIN}