Exam SY0-601 topic 1 question 777 discussion

B. Using the MITRE ATT&CK framework MITRE ATT&CK provides a standardized way to categorize and share information about threat actors' Tactics, Techniques, and Procedures (TTPs). This framework would be a suitable method for a security analyst to categorize and share information about a threat actor's TTPs with colleagues at a partner organization.

B. Using the MITRE ATT&CK framework The MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) framework is specifically designed for categorizing and sharing information about threat actor Tactics, Techniques, and Procedures (TTPs). It provides a standardized way to describe the actions and behaviors of attackers across the different stages of the cyber kill chain. Sharing threat actor TTPs using the MITRE ATT&CK framework allows security analysts to communicate effectively and ensures a common understanding of the tactics employed by the threat actor.

B. Using the MITRE ATT&CK framework The best method for categorizing and sharing a threat actor's Tactics, Techniques, and Procedures (TTPs) with colleagues, especially across organizations, is to use the MITRE ATT&CK framework. ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) is a knowledge base that provides a comprehensive and standardized way to describe the actions and behaviors of threat actors.

B. Using the MITRE ATT&CK framework The most effective method for categorizing and sharing a threat actor's Tactics, Techniques, and Procedures (TTPs) with colleagues, especially across different organizations, is to use the MITRE ATT&CK (Adversarial Tactics, Techniques, and Common Knowledge) framework