| Open Access SQOUTTactics
Tactics represent the 'why' of a technique or countermeasure. It is the threat actor's (Eve's) or defender's tactical goal and the reason they are performing a technique or countermeasure.
Tactics: 7
| QID | Title | Description | Type |
|---|---|---|---|
| T-0021 | Model |
The model tactic is used to apply security engineering, vulnerability, threat, and risk analyses to the systems. |
Defence |
| T-0015 | Harden |
The harden tactic is used to increase the opportunity cost of a system exploitation. Hardening differs from Detection in that it generally is conducted before a system is online and operational. |
Defence |
| T-0016 | Detect |
The detect tactic is used to identify adversary access to or unauthorized activity on a system. |
Defence |
| T-0017 | Isolate |
The isolate tactic creates logical or physical barriers in a system which reduces opportunities for adversaries to create further accesses. |
Defence |
| T-0018 | Deceive |
The deceive tactic is used to advertise, entice, and allow potential attackers access to an observed or controlled environment. |
Defence |
| T-0019 | Evict |
The eviction tactic is used to remove an adversary from a system. |
Defence |
| T-0020 | Restore |
The restore tactic is used to return the system to a better state. |
Defence |