Chapter 1

The Importance of Threat Data and Intelligence

This chapter covers the following topics related to Objective 1.1 (Explain the importance of threat data and intelligence) of the CompTIA Cybersecurity Analyst (CySA+) CS0-002 certification exam:

  • Intelligence sources: Examines open-source intelligence, proprietary/closed-source intelligence, timeliness, relevancy, and accuracy.

  • Confidence levels: Covers the importance of identifying levels of confidence in data.

  • Indicator management: Introduces Structured Threat Information eXpression (STIX), Trusted Automated eXchange of Indicator Information (TAXII), and OpenIOC.

  • Threat classification: Investigates known threats vs. unknown threats, zero-day threats, and advanced persistent threats. ...

Get CompTIA Cybersecurity Analyst (CySA+) CS0-002 Cert Guide, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.