Summary Comp TIA CYSA - CS0-002 (Personal) Complete Solution Rated A+
Proprietary Intelligence: Threat intelligence that is widely provided as a commercial service offering.
Closed-Source Intelligence: Data that is derived from the provider's own research and analysis efforts, such as data from honeynets that they operate.
Open-Source Intelligence: Methods of obtaining information about a person or organization through public records, websites, and social media.
Information Sharing and Analysis Centers (ISACs): A not-for-profit group set up to share sector-specific threat intelligence and security best practices amongst its members. Includes individual sectors for:
• Government
• Healthcare
• Financial
• Aviation
• Critical Infrastructure
Critical Infrastructure: Any physical or virtual system whose incapacity or destruction would have a debilitating impact on the economic security of an organization, community, nation, etc.
Data Enrichment: Automatically combines multiple disparate sources of information to form a complete picture of events for analysts to use during an incident response or when conducting proactive threat hunting. Also, the process of incorporating new updates and information into an organization's existing database to improve accuracy.
Requirements (Planning & Direction): The phase of the Intelligence Cycle that sets out goals for the intelligence-gathering effort.
Collection (& Processing): The phase of the Intelligence Cycle in which data is gathered using software tools, such as SIEMs, and then processed for later analysis.
Analysis: The phase of the Intelligence Cycle performed against the use cases defined in the planning phase; it may utilize automated analysis, artificial intelligence, and machine learning.
Dissemination: The phase of the Intelligence Cycle that publishes the information produced by analysis to the consumers who need to act on the insights developed.
Feedback: The phase of the Intelligence Cycle that aims to clarify requirements and improve the collection, analysis, and dissemination of information by reviewing current inputs and outputs.
Examples of Open-Source Intelligence Feeds:
• Malware Information Sharing Project (MISP)
• AlienVault Open Threat Exchange
• Spamhaus
• SANS ISC Suspicious Domains
• VirusTotal
• NCAS
Examples of Closed-Source or Proprietary Intelligence Feeds:
• IBM X-Force Exchange
• Recorded Future
• FireEye
Known Threat vs. Unknown Threat: A known threat can be identified using basic signature or pattern matching; an unknown threat cannot.
Obfuscated Malware Code: Malicious code whose execution the malware author has attempted to hide through various techniques such as compression, encryption, or encoding.
Behavior-based Detection: A malware detection method that evaluates an object based on its intended actions before it can actually execute that behavior.
Recycled Threats: The process of combining and modifying parts of existing exploit code to create new threats that are not as easily identified by automated scanning.
Known Unknowns: A classification of malware that contains obfuscation techniques to circumvent signature matching and detection.
Unknown Unknowns: A classification of malware that contains completely new attack vectors and exploits.
Commodity Malware: Malicious software applications that are widely available for sale or easily obtainable and usable.
Command and Control (C2): An infrastructure of hosts and services with which attackers direct, distribute, and control malware over botnets.
Risk Management: Identifies, evaluates, and prioritizes threats and vulnerabilities to reduce their negative impact.
School, study and subject
- Institution
- CompTIA Cybersecurity Analyst
- Degree
- CompTIA Cybersecurity Analyst
Document information
- Uploaded on
- 16 March 2024
- Number of pages
- 40
- Written in
- 2023/2024
- Type
- Summary