CompTIA SecurityX (CAS-005) — Question 240

An organization’s senior security architect would like to develop cyberdefensive strategies based on standardized adversary techniques, tactics, and procedures commonly observed. Which of the following would best support this objective?

Answer options

• A. OSINT analysis
• B. The Diamond Model of Intrusion Analysis
• C. MITRE ATT&CK
• D. Deepfake generation
• E. Closed-source intelligence reporting

Correct answer: C

Explanation

The correct answer is C, MITRE ATT&CK, as it provides a comprehensive framework of known adversary behaviors that helps organizations develop effective defensive strategies. The other options, while useful in their own contexts, do not specifically focus on the standardized techniques and tactics used by adversaries as effectively as MITRE ATT&CK.