A - this is the MITRE ATT&CK framework.
B - this is technical systems like SIEMs and EDRs.
C - this is the cyber kill chain.
D - this is the diamond analysis.
From study guide: Kill chain analysis can identify a defensive course of action to counter the
progression of an attack. Security teams must understand the kill chain stages to
recognize how far suspicious activity has progressed.
D only mentions lateral movement, which is just one part of an intrusion.
The Cyber Kill Chain is a proactive defense model that focuses on breaking the chain at any stage to stop an attack.
It provides a clear view of how an attacker typically progresses through an attack, from reconnaissance to data exfiltration.
I think it's B because C & D mention how to combat the attack, which isn't in the cyber kill chain. It just ascertains what the attacker is doing, nothing more. And the English in A uses "correlate event", which I don't think you would use for the cyber kill chain.
upvoted 1 times
noa808a (2 weeks, 6 days ago)
iliecomptia (1 month ago)
iliecomptia (1 month ago)
ada26b1 (1 month, 1 week ago)
4ee1800 (1 month, 2 weeks ago)
1403ad2 (2 months, 2 weeks ago)