CompTIA CySA+ (CS0-003) — Question 328

Which of the following threat-hunting concepts is most concerned with identifying the behaviors of the bad actor?

Answer options

• A. Threat intelligence sharing
• B. Indicators of compromise
• C. Insider threat analysis
• D. Tactics, techniques, and procedures

Correct answer: D

Explanation

The correct answer, D, Tactics, techniques, and procedures, specifically pertains to understanding how adversaries operate. Options A and B relate to information sharing and evidence of attacks, while C focuses on threats from within an organization rather than external bad actors.