CompTIA CySA+ (CS0-003) — Question 136
Which of the following statements best describes the MITRE ATT&CK framework?
Answer options
- A. It provides a comprehensive method to test the security of applications.
- B. It provides threat intelligence sharing and development of action and mitigation strategies.
- C. It helps identify and stop enemy activity by highlighting the areas where an attacker functions.
- D. It tracks and understands threats and is an open-source project that evolves.
- E. It breaks down intrusions into a clearly defined sequence of phases.
Correct answer: C
Explanation
Option C is correct because the MITRE ATT&CK framework specifically aims to identify and understand attacker behaviors and tactics, which helps organizations detect and respond to threats. The other options, while related to cybersecurity, do not capture the framework's primary focus, which is to provide a detailed representation of adversary actions.