nerdexam
EC-Council

312-50V11 · Question #1002

Leverox Solutions hired Arnold, a security professional, for the threat intelligence process. Arnold collected information about specific threats against the organization. From this information, he re

The correct answer is A. Strategic threat intelligence. Arnold collected broad contextual threat data from human and open sources to produce risk reports with recommended actions, which this exam classifies as strategic threat intelligence.

Information Security and Ethical Hacking Fundamentals

Question

Leverox Solutions hired Arnold, a security professional, for the threat intelligence process. Arnold collected information about specific threats against the organization. From this information, he retrieved contextual information about security events and incidents that helped him disclose potential risks and gain insight into attacker methodologies. He collected the information from sources such as humans, social media, and chat rooms as well as from events that resulted in cyberattacks. In this process, he also prepared a report that includes identified malicious activities, recommended courses of action, and warnings for emerging attacks. What is the type of threat intelligence collected by Arnold in the above scenario?

Options

  • AStrategic threat intelligence
  • BTactical threat intelligence
  • COperational threat intelligence
  • DTechnical threat intelligence

How the community answered

(42 responses)
  • A
    93% (39)
  • C
    2% (1)
  • D
    5% (2)

Why each option

Arnold collected broad contextual threat data from human and open sources to produce risk reports with recommended actions, which this exam classifies as strategic threat intelligence.

AStrategic threat intelligenceCorrect

Strategic threat intelligence provides high-level, contextual analysis of threats and risks that informs organizational decision-making and security posture. It is gathered from diverse sources including human intelligence, open-source data such as social media and forums, and post-incident analysis of cyberattacks. The deliverable - a report identifying malicious activities, recommending courses of action, and warning of emerging attacks - is characteristic of strategic intelligence that guides leadership and policy rather than immediate technical response.

BTactical threat intelligence

Tactical threat intelligence focuses specifically on the tactics, techniques, and procedures (TTPs) used by adversaries to tune defensive controls, rather than the broad risk-disclosure reports and organizational recommendations described in the scenario.

COperational threat intelligence

Operational threat intelligence covers specific, imminent attack campaigns including details such as target, timing, and attack methods, which is narrower and more time-sensitive than the organization-wide contextual risk analysis Arnold compiled.

DTechnical threat intelligence

Technical threat intelligence consists of specific indicators of compromise such as malicious IP addresses, file hashes, and domains used for detection and blocking, rather than the contextual, human-sourced risk analysis described in the scenario.

Concept tested: Types of threat intelligence - strategic classification

Source: https://www.cisa.gov/topics/cyber-threats-and-advisories/information-sharing/threat-intelligence

Topics

#threat intelligence#strategic intelligence#threat analysis#attacker methodology

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice