Hi, can you please help me with an attack tree. This will be one of my exam questions (unsure what the goal of the question will be), however, the lecture has advised the following:

1. Aim for a minimum of 30 nodes in the attack tree

2. Attack tree must be correctly drawn with clearly defined levels

3. Must incorporate technical and non-technical approaches

4. Must specify tools/software/devices in the attack tree (where appropriate). The tools we have used through the unit are: Kali Linux, steghide, crytool, FTK imager, crackstation(net),P0f

I've based my previous assignment attack tree on "obtain user password", which was only around 12 nodes and was quite basic.

On our random questions for exam study is "Using the goal of "Access Confidential Information" draw an attack tree depecting the different ways by which an attacker could access condifential informtion from a home user's windows computer. Assume no computer or network security has been implemented.

Ive started with "Recon", Expliot/Gain Access, Consolidate. I was thinking wireless access point should be included?

Could someone please assist on the thought process for obtain at least 30 nodes(i believe this is the entire tree subnodes etc).

Best regards, S