A security analyst has been reading about a newly discovered cyberattack from a known threat actor. Which of
the following would BEST support the analyst's review of the tactics, techniques, and protocols the threat actor
was observed using in previous campaigns?
A. Security research publications
B. The MITRE ATT&CK framework
C. The Diamond Model of Intrusion Analysis
D. The Cyber Kill Chain
the following would BEST support the analyst's review of the tactics, techniques, and protocols the threat actor
was observed using in previous campaigns?
A. Security research publications
B. The MITRE ATT&CK framework
C. The Diamond Model of Intrusion Analysis
D. The Cyber Kill Chain