CompTIA CySA+ (CS0-002) — Question 82
A security team identified some specific known tactics and techniques to help mitigate repeated credential access threats, such as account manipulation and brute forcing. Which of the following frameworks or models did the security team MOST likely use to identify the tactics and techniques?
Answer options
- A. MITRE ATT&CK
- B. ITIL
- C. Kill chain
- D. Diamond Model of Intrusion Analysis
Correct answer: A
Explanation
The MITRE ATT&CK framework is specifically designed to document and categorize tactics and techniques used in cyber attacks, making it the most suitable choice for the security team's needs. ITIL focuses on IT service management, the Kill Chain is a model for understanding intrusion phases, and the Diamond Model is used for threat analysis, none of which are as directly relevant to credential access tactics.