Guiana & Co. is a well-established cyber-security company in the United States. The organization implemented the automation of tasks such as data enrichment and indicator aggregation. They also joined various communities to increase their knowledge about the emerging threats. However, the security ...
CTIA - Test Prep
Guiana & Co. is a well-established cyber-security company in the United States. The
organization implemented the automation of tasks such as data enrichment and
indicator aggregation. They also joined various communities to increase their
knowledge about the emerging threats. However, the security teams can only detect
and prevent identified threats in a reactive approach.
Based on threat intelligence maturity model, identify the level of Guiana & Co. to know
the stage at which the organization stands with its security and vulnerabilities. (Page 65)
correct answers A. Level 1: preparing for CTI
B. Level 0: vague where to start
C. Level 3: CTI program in place
D. Level 2: increasing CTI capabilities
Which of the following characteristics of APT refers to numerous attempts done by the
attacker to gain entry to target's network? (Page 98) correct answers A. Attack
origination points
B. Timeliness
C. Multiphased
D. Risk Tolerance
Bob, a threat analyst, works in an organization named TechTop. He was asked to
collect intelligence to fulfill the needs and requirements of the Red Team present within
the organization.
Which of the following are the needs of a Red Team? (Page 516) correct answers A.
Intelligence related to increased attacks targeting a particular software or operating
system vulnerability
B. Intelligence that reveals risks related to various strategic business decisions
C. Intelligence on latest vulnerabilities, threat actors, and their tactics, techniques, and
procedures (TTPs)
D. Intelligence extracted latest attacks analysis on similar organizations, which includes
details about latest threats and TTPs
Alice, an analyst, shared information with security operation managers and network
operations center (NOC) staff for protecting the organizational resources against
various threats. Information shared by Alice was highly technical and include threat
actor TTPs, malware campaigns, tools used by threat actors, and so on.
Which of the following types of threat intelligence was shared by Alice? (Page 26)
correct answers A. Technical Threat Intelligence
B. Tactical Threat Intelligence
C. Strategic Threat Intelligence
, D. Operational Threat Intelligence
A threat analyst wants to incorporate a requirement in the threat knowledge repository
that provides an ability to modify or delete past or irrelevant threat data.
Which of the following requirement must he include in the threat knowledge repository
to fulfill his needs? (Page 495) correct answers A. Data management
B. Protection ranking
C. Searchable functionality
D. Evaluating performance
In a team of threat analysts, two individuals were competing over projecting their own
hypotheses on a given malware. However, to find logical proofs to confirm their
hypotheses, the threat intelligence manager used a de-biasing strategy that involves
learning strategic decision making in the circumstances comprising multistep
interactions with numerous representatives, either having or without any perfect relevant
information.
Which of the following de-biasing strategies the threat intelligence manager used to
confirm their hypotheses? (Page 474) correct answers A. Game theory
B. Cognitive psychology
C. Decision theory
D. Machine learning
Jian is a member of the security team at Trinity, Inc. He was conducting a real-time
assessment of system activities in order to acquire threat intelligence feeds. He
acquired feeds from sources like honeynets, P2P monitoring, infrastructure, and
application logs.
Which of the following categories of threat intelligence feed was acquired by Jian?
(Page 265) correct answers A. Internal intelligence feeds
B. CSV data feeds
C. External intelligence feeds
D. Proactive surveillance feeds
H&P, Inc. is a small-scale organization that has decided to outsource the network
security monitoring due to lack of resources in the organization. They are looking for the
options where they can directly incorporate threat intelligence into their existing network
defense solutions.
Which of the following is the most cost-effective methods the organization can employ?
(Page 210) correct answers A. Look for an individual within the organization
B. Recruit managed security service providers (MSSP)
C. Recruit the right talent
D. Recruit data management solution provider
The benefits of buying summaries with Stuvia:
Guaranteed quality through customer reviews
Stuvia customers have reviewed more than 700,000 summaries. This how you know that you are buying the best documents.
Quick and easy check-out
You can quickly pay through credit card or Stuvia-credit for the summaries. There is no membership needed.
Focus on what matters
Your fellow students write the study notes themselves, which is why the documents are always reliable and up-to-date. This ensures you quickly get to the core!
Frequently asked questions
What do I get when I buy this document?
You get a PDF, available immediately after your purchase. The purchased document is accessible anytime, anywhere and indefinitely through your profile.
Satisfaction guarantee: how does it work?
Our satisfaction guarantee ensures that you always find a study document that suits you well. You fill out a form, and our customer service team takes care of the rest.
Who am I buying these notes from?
Stuvia is a marketplace, so you are not buying this document from us, but from seller HopeJewels. Stuvia facilitates payment to the seller.
Will I be stuck with a subscription?
No, you only buy these notes for $11.99. You're not tied to anything after your purchase.
