Key Concepts- Appendix A

Question 1

Types of CTI

Answer 1

Strategic
Informs senior decision-makers of changes in the threat landscape
Operational - (Dark Web chatter)
Details of impending operations against an organisation
Tactical
IoCs and TTPs used by threat actors

Question 2

Intelligence Sources

Answer 2

IoCs
Social Media
HUMINT
Dark Web
Client data (logs)
Geopolitics
Info-sharing platforms

Question 3

Calculate Risk

Answer 3

Threat and Risk
Risk= Vulnerability X Threat X Impact

Question 4

What is an organisation tested on in an intelligence-led engagement?

Answer 4

Ability to prevent, detect and respond to realistic threats

Question 5

Diamond Model

Answer 5

Adversary, Capabilities, Infrastructure, Victim

Question 6

Relationship axis of the Diamond Model?

Answer 6

Socio-political between adversary and victim
Technology between infrastructure and capabilities

Question 7

Principles of Intelligence

Answer 7

Centralised
Reporting
Objective
Systematic
Sharing
Continuous
Accessible
Timely

Question 8

Cyber Kill Chain

Answer 8

Reconnaissance
Weaponisation
Delivery
Exploitation
Installation
Command and Control
Actions on Objectives

Question 9

F3EAD cycle

Answer 9

Find, Fix, Finish, Exploit, Analyse and Disseminate

Question 10

Intelligence Preparation of the Battlefield (5) SCDMC

Answer 10

Identify scope of required information
collection
Decisions trees
data management
identify courses of action