CCFH-202 Exam - Question 34


What information is provided from the MITRE ATT&CK framework in a detection's Execution Details?

Correct Answer: C

The MITRE ATT&CK framework is a globally accessible knowledge base of adversary tactics and techniques based on real-world observations. A Technique ID is a unique identifier assigned to specific methods adversaries use to achieve their goals. In the context of a detection's Execution Details, the Technique ID from the MITRE ATT&CK framework provides precise information about the specific tactic or technique that was potentially employed. This information helps security analysts understand the nature of the threat and respond appropriately.

Discussion

alanalanalan (Option: C)
Jul 9, 2024

C. Technique ID