nerdexam
Palo_Alto_Networks

PCCSE · Question #181

Under which tactic is "Exploit Public-Facing Application" categorized in the ATT&CK framework?

The correct answer is B. Initial Access. 'Exploit Public-Facing Application' (T1190) is classified under the Initial Access tactic in the MITRE ATT&CK framework. Initial Access covers techniques adversaries use to gain a first foothold in a network or environment. Exploiting vulnerabilities in internet-facing systems (w

Cloud Native Security

Question

Under which tactic is "Exploit Public-Facing Application" categorized in the ATT&CK framework?

Options

  • ADefense Evasion
  • BInitial Access
  • CExecution
  • DPrivilege Escalation

How the community answered

(54 responses)
  • A
    2% (1)
  • B
    91% (49)
  • C
    6% (3)
  • D
    2% (1)

Explanation

'Exploit Public-Facing Application' (T1190) is classified under the Initial Access tactic in the MITRE ATT&CK framework. Initial Access covers techniques adversaries use to gain a first foothold in a network or environment. Exploiting vulnerabilities in internet-facing systems (web apps, VPNs, etc.) is a primary entry-point method. Defense Evasion, Execution, and Privilege Escalation are later-stage tactics that occur after the attacker has already established presence.

Topics

#MITRE ATT&CK#Initial Access#Exploit Public-Facing Application#Cloud Native Security

Community Discussion

No community discussion yet for this question.

Full PCCSE Practice