ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v11 All Questions

View all questions & answers for the 312-50v11 exam
Go to Exam

Exam 312-50v11 topic 1 question 342 discussion

Actual exam question from ECCouncil's 312-50v11
Question #: 342
Topic #: 1
[All 312-50v11 Questions]

Leverox Solutions hired Arnold, a security professional, for the threat intelligence process. Arnold collected information about specific threats against the organization. From this information, he retrieved contextual information about security events and incidents that helped him disclose potential risks and gain insight into attacker methodologies. He collected the information from sources such as humans, social media, and chat rooms as well as from events that resulted in cyberattacks. In this process, he also prepared a report that includes identified malicious activities, recommended courses of action, and warnings for emerging attacks.
What is the type of threat intelligence collected by Arnold in the above scenario?

  • A. Strategic threat intelligence
  • B. Operational threat intelligence
  • C. Technical threat intelligence
  • D. Tactical threat intelligence
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by jinjection at Sept. 28, 2021, 8:45 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
AmadSyahir
Highly Voted 1 year, 5 months ago
Tactical threat intelligence is the most basic form of threat intelligence. These are your common indicators of compromise (IOCs). Tactical intelligence is often used for machine-to-machine detection of threats and for incident responders to search for specific artifacts in enterprise networks. Operational threat intelligence provides insight into actor methodologies and exposes potential risks. It fuels more meaningful detection, incident response, and hunting programs. Where tactical threat intelligence gives analysts context on threats that are already known, operational intelligence brings investigations closer to uncovering completely new threats. Strategic threat intelligence provides a big picture look at how threats and attacks are changing over time. Strategic threat intelligence may be able to identify historical trends, motivations, or attributions as to who is behind an attack. Knowing the who and why of your adversaries also provides clues to their future operations and tactics. This makes strategic intelligence a solid starting point for deciding which defensive measures will be most effective.
upvoted 10 times
...
Daniel8660
Highly Voted 6 months, 3 weeks ago
Selected Answer: B
Cyber Threat Intelligence - Operational Threat Intelligence provides information about specific threats against the organization. It provides contextual information about security events and incidents that help defenders disclose potential risks, provide greater insight into attacker methodologies, identify past malicious activities, and perform investigations on malicious activity in a more efficient way.Operational threat intelligence generally appears as a report that contains identified malicious activities, recommended courses of action, and warnings of emerging attacks. (P.76/60)
upvoted 5 times
...
Silascarter
Most Recent 1 year, 5 months ago
B is correct. Operational threat intelligence is about uncovering specific incoming attacks before they happen. Most operational threat intelligence comes from closed sources, although some threat actors discuss their plans via social media or public chat rooms.
upvoted 2 times
...
jinjection
1 year, 7 months ago
Correct
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago