CompTIA CySA+ (CS0-003) — Question 237
Which of the following attack methodology frameworks should a cybersecurity analyst use to identify similar TTPs utilized by nation-state actors?
Answer options
- A. Cyber kill chains
- B. Diamond Model of Intrusion Analysis
- C. OWASP Testing Guide
- D. MITRE ATT&CK matrix
Correct answer: D
Explanation
The correct answer is D, the MITRE ATT&CK matrix, because it specifically catalogues the tactics, techniques, and procedures (TTPs) used by various threat actors, including nation-states. The other options, while relevant to cybersecurity, do not provide a comprehensive framework for analyzing TTPs in the context of nation-state actors.