CrowdStrike Certified Falcon Hunter (CCFH) — Question 43

Which threat framework allows a threat hunter to explore and model specific adversary tactics and techniques, with links to intelligence and case studies?

Answer options

• A. MITRE ATT&CK
• B. Lockheed Martin Cyber Kill Chain
• C. Director of National Intelligence Cyber Threat Framework
• D. NIST 800-171 Cyber Threat Framework

Correct answer: A

Explanation

The correct answer is MITRE ATT&CK, as it provides a comprehensive knowledge base of adversary tactics and techniques, which is crucial for threat hunters. The other options, while relevant to cybersecurity, do not specifically focus on modeling adversary tactics and linking to intelligence in the same way that MITRE ATT&CK does.