
Exam PT0-002 topic 1 question 4 discussion

Actual exam question from CompTIA's PT0-002
Question #: 4
Topic #: 1

A penetration tester is explaining the MITRE ATT&CK framework to a company's chief legal counsel.
Which of the following would the tester MOST likely describe as a benefit of the framework?

  • A. Understanding the tactics of a security intrusion can help disrupt them.
  • B. Scripts that are part of the framework can be imported directly into SIEM tools.
  • C. The methodology can be used to estimate the cost of an incident better.
  • D. The framework is static and ensures stability of a security program over time.
Suggested Answer: A

Comments

RRabbit_111
Highly Voted 2 years, 3 months ago
Selected Answer: A
A. Understanding the tactics of a security intrusion can help disrupt them. The MITRE ATT&CK framework is a widely used method for describing the tactics, techniques, and procedures (TTPs) used by attackers in cyber security incidents. One of the main benefits of the framework is that it can help organizations understand the tactics used by attackers, and therefore, take steps to disrupt them or improve their defense against them. By understanding the tactics and techniques used by attackers, organizations can better identify and mitigate potential threats to their systems and data. Other benefits of the MITRE ATT&CK framework include that it can be used to help prioritize security efforts, assess the effectiveness of security controls, and measure an organization's readiness to defend against attacks. However, it should be noted that the framework is not a static one, and it's updated regularly to reflect new threats and techniques.
upvoted 14 times
MeisAdriano
Most Recent 9 months, 2 weeks ago
Selected Answer: A
I confirm A, because MITRE ATT&CK stands for "Adversarial Tactics, Techniques & Common Knowledge", so you use the methodology of your adversary to disrupt them.
upvoted 1 times
Meep123
1 year, 7 months ago
I love you, Mr. RRabbit.
upvoted 4 times
Community vote distribution
A (35%)
C (25%)
B (20%)
Other