D. STIX (Structured Threat Information eXpression) is an open standard that creates a framework for sharing threat intelligence in a machine-digestible format. It enables organizations to share cyber threat intelligence, including information on adversaries, malware, vulnerabilities, and attack patterns, in a structured and consistent way.
OpenIOC (Open Indicator of Compromise) is an open-source framework for representing threat intelligence in a machine-readable format. It is used to describe the characteristics of malware, intrusion attempts, and other malicious activity in a way that can be easily understood and acted upon by security systems and tools.
STIX (Structured Threat Information Expression) is an open standard that provides a framework for sharing cyber threat intelligence in a structured, machine-readable format. It enables organizations to share detailed information about threats, including indicators, tactics, techniques, and procedures (TTPs), to improve collective cybersecurity.
Other options:
A. OpenIOC: A framework for sharing threat indicators but less comprehensive than STIX and not as widely adopted.
CCNP And CCIE Security Core SCOR 350-701 Official Cert Guide.pdf (page 86)
"Open Indicators of Compromise (OpenIOC): An open framework for sharing threat intelligence in a machine-digestible format. Learn more at http://www.openioc.org."
Answer A. No doubt.
My answer is D
Which open standard creates a framework for sharing threat intelligence in a machine-digestible format? OpenIOC, OpenC2, CybOX, STIX
The open standard that creates a framework for sharing threat intelligence in a machine-digestible format is STIX (Structured Threat Information eXpression).
STIX is a JSON-based schema that defines a common format for representing and sharing threat intelligence information. This includes information about adversaries, malware, vulnerabilities, intrusions, and other cyberthreats. STIX is designed to be machine-readable, so that it can be easily shared and processed by computers. This makes it a valuable tool for organizations that need to share threat intelligence with each other to protect their networks.
https://bard.google.com/chat/e3b8e30fe3160083
Prefer A over D.
"OpenIOC is an open framework, meant for sharing threat intelligence information in a machine-readable format." : https://cyware.com/security-guides/cyber-threat-intelligence/what-is-open-indicators-of-compromise-openioc-framework-ed9d
"STIX provides a common language for describing cyber threat information so it can be shared" : https://stixproject.github.io/about/
As per the official cert guide, the definition is clear:
Open Indicators of Compromise (OpenIOC): An open framework for sharing threat intelligence in a machine-digestible format.
Structured Threat Information eXpression (STIX): An express language designed for sharing of cyber-attack information. STIX details can contain data such as the IP addresses or domain names of command-and-control servers (often referred to C2 or CnC), malware hashes, and so on. STIX was originally developed by MITRE and is now maintained by OASIS.
STIX, as it is the open standard that provides a framework for sharing threat intelligence, including indicators of compromise, in a machine-readable format. While OpenIOC is also an open standard for sharing threat intelligence, it is more narrowly focused on describing IOCs specifically, and does not provide a comprehensive framework for sharing all types of threat intelligence.
I first thought it was STIX (which is also open source) but some sites mention the following: "OpenIOC is an open framework, meant for sharing threat intelligence information in a machine-readable format."
Source: https://cyware.com/educational-guides/cyber-threat-intelligence/what-is-open-indicators-of-compromise-openioc-framework-ed9d
A
Open Indicators Of Compromise (OpenIOC): Open framework for sharing threat intelligence in a machine-digestible format. Learn more at http://www.openioc.org/.
https://www.ciscopress.com/articles/article.asp?p=2455014&seqNum=3#:~:text=Open%20Indicators%20Of%20Compromise%20(OpenIOC,in%20a%20machine%2Ddigestible%20format.