Juan wants to describe threat actors using common attributes. What is NOT a common attribute used to describe threat actors?

Common attributes of threat actors that you should be able to describe and explain for the Security+ exam include whether they are internal or external threats, their level of sophistication or capability, their resources or funding, and their intent or motivation. The number of years of experience is difficult to determine for many threat actors and is not a direct way to gauge their capabilities, and is therefore not a common attribute that is used to assess them.