Exam (elaborations)

SANS FOR578 GCTI

Pages
8
Grade
A+
Uploaded on
15-05-2025
Written in
2024/2025

Exam of 8 pages for the course 3X@M at 3X@M (SANS FOR578 GCTI)

Institution
3X@M
Course
3X@M

Content preview

SANS FOR578 GCTI
Study online at https://quizlet.com/_d1yqwy
1. Intelligence: The collection, processing, and analysis of info about a competitive entity and its agents, needed by an org or group for its sec. and well-being
2. Counterintelligence: identification, assessment, and neutralization of adversary intel activities

must consider:

gain-loss
potential disinformation
3. Classic Intel Sources: HUMINT
GEOINT
MASINT
OSINT
SIGINT
All Source
4. MASINT: Measurement and signature intel (radar, nuclear det., etc)
5. SIGINT: Signal intercepts (cell phone, line tapping, etc.)
6. Sherman Kent's (founder of CIA) Analytic Doctrine: Focus on policymaker
concerns
Avoidance of a personal policy agenda
intellectual rigor
conscious effort to avoid analytic biases
willingness to consider other judgments
systematic use of outside experts
collective responsibility for judgment
effective communication of policy-support info and judgments
candid admission of mistakes
7. data-driven analysis: good datasets and straightforward problems
accuracy is based on the dataset's accuracy
logically-driven and easily replicated
8. conceptually-driven analysis: numerous unknowns and undefined variables and relationships
immediate interpretation of complex concepts
accuracy is driven by mental models and feedback
9. Analysis: Detailed examination of the elements or structure of something
breaking something down into its constituent parts to understand its operation
10. Mental models: experiences-based assumptions and expectations of the way
the world operates
should be reviewed and updated as experience grows
11. Structured Analytic Techniques (SATs): analyst approaches to better evaluate info while reducing the impact of bias
more transparent, testable, and defendable

Heuer:
Getting organized
Exploration techniques
diagnostic techniques
re-framing techniques
foresight techniques
12. Intel Lifecycle: Planning and Direction
Collection
Processing
Analysis and Production
Dissemination
Feedback
13. Data -> Intelligence: Story about a campaign (operational environment)
IP address (data)
IP address is C2 for malware (information)
Malware is not on our system (information)
"adversary is not purposely targeting our systems and that this is an incidental infection" (intel)
14. CTI definition: Analyzed info about the hostile intent, opportunity, and capability
of an adversary that satisfies a requirement

Analysis on the threat, focus on the customer
15. Threat: Intent + opportunity + capability (IOC)
16. Intrusion: Any successful or failed attempt by the adversary
useful for identifying adversary trade-craft
Intrusion analysis is the fundamental CTI skill
17. Activity Group: unique clusters of intrusions mathematically defined by the analyst/team's analytical weighting

intrusion set -> activity group -> campaign
18. Threat Actor: clustering of intrusions to represent who is responsible
helps put a face on the adversary

Note: FOR578 uses "activity group"

Seller: turtorbianca (Chamberlain College Of Nursing)