PT0-002 · Question #247
PT0-002 Question #247: Real Exam Question with Answer & Explanation
The correct answer is B: MITRE ATT&CK framework. The MITRE ATT&CK framework is a methodology that should be used to best meet the client's expectations. The MITRE ATT&CK framework is a knowledge base of adversary tactics, techniques, and procedures (TTPs) that are continuously updated based on real-world observations. The frame
Question
A client would like to have a penetration test performed that leverages a continuously updated TTPs framework and covers a wide variety of enterprise systems and networks. Which of the following methodologies should be used to BEST meet the client's expectations?
Options
- AOWASP Top 10
- BMITRE ATT&CK framework
- CNIST Cybersecurity Framework
- DThe Diamond Model of Intrusion Analysis
Explanation
The MITRE ATT&CK framework is a methodology that should be used to best meet the client's expectations. The MITRE ATT&CK framework is a knowledge base of adversary tactics, techniques, and procedures (TTPs) that are continuously updated based on real-world observations. The framework covers a wide variety of enterprise systems and networks, such as Windows, Linux, macOS, cloud, mobile, and network devices. The framework can help the penetration tester to emulate realistic threats and identify gaps in defenses.
Topics
Community Discussion
No community discussion yet for this question.