CrowdStrike Certified Falcon Responder (CCFR) — Question 42
Which of the following tactic and technique combinations is sourced from MITRE ATT&CK information?
Answer options
- A. Falcon Intel via Intelligence Indicator - Domain
- B. Machine Learning via Cloud-Based ML
- C. Malware via PUP
- D. Credential Access via OS Credential Dumping
Correct answer: D
Explanation
The correct answer is D: OS Credential Dumping is a recognized technique in the MITRE ATT&CK framework, listed under the Credential Access tactic. The other options relate to cybersecurity but do not correspond to established MITRE ATT&CK tactics and techniques.