Threat Intelligence - Introduction

Answer 1

Welcome to the Threat Intelligence domain of Blue Team Level 1! This domain will cover everything from malicious actors to indicators of compromise, global malware campaigns to information sharing. Below are the learning objectives for this domain.

Question 2

Learning Objectives

Answer 2

By the end of this domain you will have achieved the following objectives:

Understand why threat intelligence is used to aid security operations and risk management, by providing enrichment and context to investigations, threats, and vulnerabilities.
Understand and explain what threat actors and advanced persistent threats are, including cybercriminal groups and state-sponsored hackers.
Understand the differences and applications of operational intelligence, tactical intelligence, and strategic intelligence.
Be able to conduct threat exposure checks using indicators of compromise to search the network and assets for any signs of intrusion using known indicators.
Be able to conduct research into threat actors using OSINT sources to gather intelligence such as; alternative names, tools, and malware used, targeted organizations, motives, and indicators of compromise.