Which of the following threat management frameworks should the team implement?

A threat hunting team receives a report about possible APT activity in the network.

Which of the following threat management frameworks should the team implement?
A . NIST SP 800-53
B . MITRE ATT&CK
C . The Cyber Kill Chain
D . The Diamond Model of Intrusion Analysis

View Answer

Answer: B

Explanation:

MITRE ATT&CK is a threat management framework that provides a comprehensive and detailed knowledge base of adversary tactics and techniques based on real-world observations. It can help threat hunting teams to identify, understand, and prioritize potential threats, as well as to develop effective detection and response strategies. MITRE ATT&CK covers the entire lifecycle of a cyberattack, from initial access to impact, and provides information on how to mitigate, detect, and hunt for each technique. It also includes threat actor profiles, software descriptions, and data sources that can be used for threat intelligence and analysis.

Verified Reference:

https://attack.mitre.org/

https://resources.infosecinstitute.com/topic/top-threat-modeling-frameworks-stride-owasp-top-10-mitre-attck-framework/

https://www.ibm.com/topics/threat-management