While some organizations have the skills and resources to protect their IT infrastructure from security threats, others are not able to do so. Organizations can either invest thousands of dollars in security tools or have state-of the-art security software. No organization is 100% secure even after purchasing the most advanced security software. TIA) allows cybersecurity professionals to enhance their skills in building sufficient organizational cyber threat intelligence. It is a specialist-level program. CTIA is an examination that assesses the individual’s skills and prepares them for use in threat intelligence.
Who is it for?
This course is for cybersecurity professionals who deal regularly with cyber threats. This training program is for people in the information security industry and those who want more knowledge and skills in cyber threat intelligence. It also benefits individuals involved in preventing cyber attacks.
Pre-Requisite
Candidates must meet the following criteria to be eligible for the CTIA certification examination:
Two years experience in cybersecurity is required.
Candidates must attend EC-Council CTIA Training from an Accredited EC-Council Partner
Certification NameCertified Threat Intelligence AnalystExam CodeExam Code 312-85Test FormatMultiple-choice questionsNumber of Questions50Test Duration2 hoursPassing Score70%CTIA domains:
Domain 1: Threat Intelligence
This domain is assigned 14% weightage in this exam. This domain provides an introduction to intelligence, threat Intelligence, and the life cycle for threat intelligence. Intelligence is the use of information to analyze and respond appropriately to emerging needs within an organization. Intelligence transforms “what” into “how” to solve problems.
Cyber threat intelligence is the process of gathering and analysing information about threats and adversaries, and drawing patterns that can be used to make informed decisions regarding preparedness, prevention, response, and mitigation against various cyber-attacks. It assists organizations in identifying and mitigating various business risks by converting unknown risk to a known threat.
CTI life cycle is an interactive way to explain the collection of data and its transformation into useful intelligence. The entire CTI cycle focuses on understanding the organization’s need for threat intelligence. Next, it plans to collect, process and analyze the data to make it actionable intelligence. Finally, it shares the information with TI consumers for feedback. This section also explains six phases in the CTI lifecycle.
1-Direction
2-Collection
3-Processing
4-Analysis
5-Dissemination
6-Feedback
Domain 2: Cyber Threats & Kill Chain Methodology
This domain is given 14% weightage in this exam. This module focuses on Cyber threats, Advanced Persistent Terrorisms (APTs), as well as Indicators of Compromises (IoCs). Cyber threats are harmful acts that attempt to damage, steal, or disrupt digital lives. Cyber-attacks can include computer viruses, data breaches and Denial of Service attacks (DoS). Advanced Persistent Threats are an attack that steals information from the victim’s machine without the user being aware. Indicators of Compromise are forensic artifacts that can be identified on a network or host.
Domain 3: Requirements and Planning, Direction, Review, and Review
This domain is 16% weighted in the exam. This domain will teach you a variety of topics that are essential for a threat intelligence analyst. Although this domain is not very extensive, it covers new topics that will improve your skills and prepare you to provide useful threat intelligence for your organization. This field also has many other benefits.
