CompTIA CASP+ (CAS-004) — Question 537

A small company recently developed prototype technology for a military program. The company’s security engineer is concerned about potential theft of the newly developed, proprietary information.

Which of the following should the security engineer do to BEST manage the threats proactively?

Answer options

• A. Join an information-sharing community that is relevant to the company.
• B. Leverage the MITRE ATT&CK framework to map the TTP.
• C. Use OSINT techniques to evaluate and analyze the threats.
• D. Implement a network-based intrusion detection system.

Correct answer: B

Explanation

Using the MITRE ATT&CK framework allows the security engineer to systematically identify and understand tactics, techniques, and procedures (TTP) used by adversaries, enabling better preparation against specific threats. While joining an information-sharing community, using OSINT, and implementing an intrusion detection system are beneficial, they do not provide the same level of structured threat mapping that the MITRE ATT&CK framework offers.