A security analyst for a managed service provider wants to implement the most up-to-date and effective security methodologies to provide clients with the best offerings. Which of the following resources would the analyst MOST likely adopt?
Answer has to be ISO.
Key phrase in the question: "security methodologies".
Examples) ISO27001: Information Security Management System (ISMS), ISO/IEC 27005: Information Security Risk Management.
MITRE ATT&CK is a knowledge base of adversary tactics and techniques.
MITRE ATT&CK is generally considered more effective than ISO standards because it provides a detailed, real-time view of attacker tactics, techniques, and procedures (TTPs), enabling more targeted defense strategies compared to the broader, compliance-focused ISO guidelines.
From the MITRE Corporation website: "MITRE ATT&CK® is a knowledge base that helps model cyber adversaries' tactics and techniques—and then shows how to detect or stop them." So this would satisfy the need for methodologies for the security analyst. Also, they are more up-to-date than ISO. ISO does focus on security too, but they review their standards every 5 years.
I'm going with B since ISO releases standards specific to helping with strengthening cybersecurity posture. MITRE is more about detailing tactics of adversaries. MITRE can help see what types of attacks need to be defended against, but ISO standards would be more specific to building a strong cybersecurity posture.
This one is weird. I guess it should be MITRE but only because the others don't really make sense...OWASP is for web applications, OSINT is open source intelligence gathering and ISO is for standardization.
I believe the answer is C. I was going back and forth between MITRE and OWASP, but after reading what the official Comptia study guide said regarding the 2, I chose MITRE
upvoted 4 times
...
This section is not available anymore. Please use the main Exam Page.CAS-004 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
talosDevbot
Highly Voted 1 year, 3 months agoarmid
10 months, 1 week agonuel_12
Highly Voted 1 year, 5 months agoSteel16
Most Recent 2 months, 2 weeks agoHereToStudy
8 months agoEAlonso
10 months agoninjachuleta
10 months, 4 weeks agoe020fdc
1 year, 2 months agoThatGuyOverThere
1 year, 6 months agolast_resort
2 years, 1 month agoGeofab
2 years, 1 month ago