An organization is planning to deploy new systems after a major reorganization. They have limited references or security frameworks and want to establish a risk-based approach. Which option is the best starting point for anticipating possible attacks at this phase?
Gather feedback from a focused team, examining applicable regulations for relevance.
Develop a set of guidelines based on available templates from previous implementations.
Analyze adversary tactics from reliable resources, structuring them by potential impact.
Design an initial environment outline, then review the architecture post-deployment.
Reviewing adversary tactics from trusted threat intelligence sources provides a structured and forward-looking view of potential risks. This early analysis supports a risk-based approach by identifying relevant vulnerabilities before systems are deployed. Relying on outdated templates, limited team input, or post-deployment reviews increases the likelihood of missing critical threats during initial planning.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
Why are adversary tactics a better starting point than using templates?
Open an interactive chat with Bash
What are threat intelligence sources, and why are they important here?
Open an interactive chat with Bash
How do adversary tactics help structure potential impacts for a risk-based approach?