An organization is planning to deploy new systems after a major reorganization. They have limited references or security frameworks and want to establish a risk-based approach. Which option is the best starting point for anticipating possible attacks at this phase?
Design an initial environment outline, then review the architecture post-deployment.
Develop a set of guidelines based on available templates from previous implementations.
Analyze adversary tactics from reliable resources, structuring them by potential impact.
Gather feedback from a focused team, examining applicable regulations for relevance.
Reviewing adversary tactics from trusted threat intelligence sources provides a structured and forward-looking view of potential risks. This early analysis supports a risk-based approach by identifying relevant vulnerabilities before systems are deployed. Relying on outdated templates, limited team input, or post-deployment reviews increases the likelihood of missing critical threats during initial planning.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are adversary tactics and why are they important in a risk-based approach?
Open an interactive chat with Bash
What are trusted threat intelligence sources, and how can they inform security planning?
Open an interactive chat with Bash
How does analyzing adversary tactics differ from using templates or post-deployment reviews?