Lesson 4: MITRE ATT&CK macOS Matrix

Question 1

What is the MITRE ATT&CK Matrix? | A community-driven knowledge base of tactics

Answer 1

techniques

Question 2

In the MITRE ATT&CK Matrix

Answer 2

what is a tactic? | The goal of a malicious actor.

Question 3

In the MITRE ATT&CK Matrix

Answer 3

what is a technique? | An action or method used to achieve a tactical goal.

Question 4

In the MITRE ATT&CK Matrix

Answer 4

what is a procedure? | A real-world

Question 5

How can tactics

Answer 5

techniques

Question 6

What is the MITRE ATT&CK PRE Matrix? | A matrix detailing preparatory techniques used by malicious actors before attempting to compromise a system.

Question 7

The MITRE ATT&CK PRE Matrix is composed of which two tactics? | Reconnaissance and Resource Development.

Question 8

Are the PRE Matrix tactics platform-specific? | No

Answer 8

they are platform agnostic and apply across enterprise environments.

Question 9

What is the focus of the MITRE ATT&CK macOS Matrix? | Techniques specific to penetration and threat persistence within macOS.

Question 10

What is Platform-agnostic technology? | Refers to the ability of software

Answer 10

applications

Question 11

How does Jamf Protect use the MITRE ATT&CK macOS Matrix? | Many of its analytics are mapped directly to the Matrix.

Question 12

What tagging is used in Jamf Protect analytics? | Technique and/or ID number from the MITRE ATT&CK Matrix.

Question 13

Which feature in Jamf Protect detects malicious actors using tactics

Answer 13

techniques