nerdexam
ExamsCAS-005Questions#18
CompTIACompTIA

CAS-005 · Question #18

CAS-005 Question #18: Real Exam Question with Answer & Explanation

The correct answer is A: ATT&CK. The MITRE ATT&CK framework provides a comprehensive knowledge base of adversary tactics, techniques, and procedures (TTPs) that can be used for threat modeling. It helps identify gaps in detection capabilities by mapping real-world attack behaviors specific to the industry, makin

Submitted by femi9· Mar 6, 2026Security Operations

Question

An organization is looking for gaps in its detection capabilities based on the APTs that may target the industry. Which of the following should the security analyst use to perform threat modeling?

Options

  • AATT&CK
  • BOWASP
  • CCAPEC
  • DSTRIDE

Explanation

The MITRE ATT&CK framework provides a comprehensive knowledge base of adversary tactics, techniques, and procedures (TTPs) that can be used for threat modeling. It helps identify gaps in detection capabilities by mapping real-world attack behaviors specific to the industry, making it the most relevant for the task.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full CAS-005 PracticeBrowse All CAS-005 Questions