CrowdStrike Exam CCFR-201 Topic 1 Question 5 Discussion

Actual exam question for CrowdStrike's CCFR-201 exam

Question #: 5
Topic #: 1

What information does the MITRE ATT&CK Framework provide?

AIt provides best practices for different cybersecurity domains, such as Identify and Access Management

BIt provides a step-by-step cyber incident response strategy

CIt provides the phases of an adversary's lifecycle, the platforms they are known to attack, and the specific methods they use

DIt is a system that attributes an attack techniques to a specific threat actor

Show Suggested Answer

Suggested Answer: C

According to the [MITRE ATT&CK website], MITRE ATT&CK is a knowledge base of adversary behaviors and techniques based on real-world observations. The knowledge base is organized into tactics and techniques, where tactics are the high-level goals of an adversary, such as initial access, persistence, lateral movement, etc., and techniques are the specific ways an adversary can achieve those goals, such as phishing, credential dumping, remote file copy, etc. The knowledge base also covers different platforms that adversaries target, such as Windows, Linux, Mac, Android, iOS, etc., and different phases of an adversary's lifecycle, such as reconnaissance, resource development, execution, command and control, etc.

by Barbra at Oct 04, 2023, 02:34 AM

Limited Time Offer

25%

Off

Get Premium CCFR-201 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!