During a post-breach analysis, a cybersecurity analyst discovers that an attacker leveraged scheduled tasks to execute malicious payloads after initial compromise. Which MITRE ATT&CK tactic BEST describes this observed behavior?
Credential Access
Persistence
Discovery
Privilege Escalation