The Importance of Threat Data and Intelligence
This chapter covers the following topics related to Objective 1.1 (Explain the importance of threat data and intelligence) of the CompTIA Cybersecurity Analyst (CySA+) CS0-002 certification exam:
Intelligence sources: Examines open-source intelligence, proprietary/closed-source intelligence, timeliness, relevancy, and accuracy.
Confidence levels: Covers the importance of identifying levels of confidence in data.
Indicator management: Introduces Structured Threat Information eXpression (STIX), Trusted Automated eXchange of Indicator Information (TAXII), and OpenIOC.
Threat classification: Investigates known threats vs. unknown threats, zero-day threats, and advanced persistent threats. ...