
As a Microsoft Cybersecurity Architect, you are tasked with enhancing the threat detection capabilities of an organization that operates across cloud, enterprise, mobile, and ICS environments using the MITRE ATT&CK framework. The organization requires a solution that not only identifies and maps attack techniques relevant to each environment but also evaluates the effectiveness of current security controls, addresses any detection gaps, and ensures the solution evolves with the threat landscape. Considering cost, compliance, and scalability, which of the following steps is the MOST comprehensive and efficient approach to achieve this goal? (Choose one)
A. Focus solely on identifying and mapping attack techniques to the MITRE ATT&CK matrices for each environment, as this provides a baseline for threat detection without the need for further action.
B. After mapping attack techniques, assess the current security controls' effectiveness but delay implementing any changes to avoid disrupting existing operations and incurring additional costs.
C. Develop a phased approach that starts with identifying attack techniques, assesses current controls, addresses gaps with scalable solutions, and includes a plan for continuous monitoring and updates, ensuring compliance and cost-effectiveness.
D. Implement all possible security tools and controls across all environments immediately to ensure no attack technique goes undetected, regardless of cost or operational impact.
E. All of the above.