• Post author:
  • Post category:Updated
  • Reading time:2 mins read
  • Post last modified:June 12, 2024

What two shared sources of information are included within the MITRE ATT&CK framework? (Choose two.)

  • details about the handling of evidence including times, places, and personnel involved
  • eyewitness evidence from someone who directly observed criminal behavior
  • attacker tactics, techniques, and procedures
  • collection of digital evidence from most volatile evidence to least volatile
  • mapping the steps in an attack to a matrix of generalized tactics
Answers Explanation & Hints:

The MITRE Framework uses stored information on attacker tactics, techniques, and procedures (TTP) as part of threat defense and attack attribution. This is done by mapping the steps in an attack to a matrix of generalized tactics and describing the techniques that are used in each tactic. These sources of information create models that assist in the ability to attribute a threat.

For more Questions and Answers:

CyberOps Associate 1.02 & CA v1.0 Modules 26 – 28: Analyzing Security Data Group Exam Answers Full 100%

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments