Vik Hari

**Replies by sbarnum:** On the original question expressed for this issue "For the "File" property bundle, what are considered to have a file system type?", I do not have an...

**Replies by mike-parkhill:** I would think it should be acceptable (at least for a v1.0) to simply state that the standard expects base64 encoding. If that's clear in the implementation...

**Reply by casework:** Sounds good. To summarize, the "File" property bundle would only be used IF the data is a file in the sense it has a file path and/or...

^ To clarify, we think this could help avoid having to use a miscellaneous/wrapper propertyBundle for gaps in the ontology that adopters identify as something that should not be in...

Potential related issues: - https://github.com/d3fend/d3fend-ontology/issues/122

### Title Some other options for title: - Remote Access Monitoring - (inspired by remote support/sysadmin class of tools like Bomgar/BeyondTrust, TeamViewer, VNC) - GUI Monitoring - (catch-all, if wanting...

Also, I wanted to make readers aware of https://github.com/d3fend/d3fend-ontology/issues/360 list of all PAM issues. It may serve to fill gaps in understanding each of the issues since they may list...

After looking things over further this makes more sense to me. ### Commands [System File Analysis](https://d3fend.mitre.org/technique/d3f:SystemFileAnalysis) is one thing that indicates watching logs, but it is centered around system logs...

I'm not sure if this should be a technique as there are already D3s that satisfy examples above: - 1 = D3-AM - 2 = multiple D3s - 3 =...

When working on a PR for this I don't see HSM or TPM as a DA. I wonder if one or both of these should be added as TPM Boot...