CrowdStrike Certified Falcon Hunter (CCFH) — Question 79

What information is provided from the MITRE ATT&CK framework in a detection's Execution Details?

Answer options

• A. Grouping Tag
• B. Command Line
• C. Technique ID
• D. Triggering Indicator

Correct answer: C

Explanation

The correct answer is C, as the MITRE ATT&CK framework specifically provides a Technique ID to categorize the execution methods used by attackers. Options A, B, and D do not accurately reflect the type of information that the framework associates with execution details.