Training plan
Module 1: Introduction to Threat Intelligence
- Understand Intelligence
- Summarize Cyber Threat Intelligence Concept
- Explain Threat Intelligence Lifecycle and Frameworks
- Understand Threat Intelligence Platforms (TIPs)
- Understand Threat Intelligence in the Cloud Environment
- Understand Future Trends and Continuous Learning
Module 2: Cyber Threats and Attack Frameworks
- Understand Cyber Threat
- Explain Advanced Persistent Threats
- Explain Cyber Kill Chain
- Explain MITRE ATT&CK and Diamond Model
- Understand Indicators of Compromise
Module 3: Requirements, Planning, Direction, and Review
- Understand the Organization’s Current Threat Landscape
- Understand Requirements Analysis
- Plan a Threat Intelligence Program
- Establish Management Support
- Build a Threat Intelligence Team
- Understand Threat Intelligence Sharing
- Review Threat Intelligence Program
Module 4: Data Collection and Processing
- Understand Threat Intelligence Data Collection
- Summarize Threat Intelligence Collection Management
- Explain Threat Intelligence Feeds and Sources
- Explain Threat Intelligence Data Collection and Acquisition
- Understand Bulk Data Collection
- Explain Data Processing and Exploitation
- Understand Threat Data Collection and Enrichment in Cloud Environments
Module 5: Data Analysis
- Summarize Data Analysis
- Explain Data Analysis Techniques
- Understand Threat Analysis
- Demonstrate Threat Analysis Process
- Explain Fine-tuning Threat Analysis
- Understand Threat Intelligence Evaluation
- Create Runbooks and Knowledge Base
- Use Threat Intelligence Tools
Module 6: Intelligence Reporting and Dissemination
- Understand Threat Intelligence Reports
- Understand Dissemination
- Participate in Sharing Relationships
- Understand Sharing Threat Intelligence
- Explain Delivery Mechanisms
- Use Threat Intelligence Sharing Platform
- Understand Intelligence Sharing Acts and Regulations
- Explain Threat Intelligence Integration
- Understand Intelligence Sharing and Collaboration using Python Scripting
Module 7: Threat Hunting and Detection
- Summarize Threat Hunting Concepts
- Understand Threat Hunting Automation
Module 8: Threat Intelligence in SOC Operations, Incident Response, and Risk Management
- Understand Threat Intelligence in SOC Operations
- Understand Threat Intelligence in Risk Management
- Understand Threat Intelligence in Incident Response
Module 9: Threat Intelligence in SOC Operations, Incident Response, and Risk Management
- Understand Threat Intelligence in SOC Operations
- Understand Threat Intelligence in Risk Management
- Understand Threat Intelligence in Incident Response
Recommended Prerequisite Knowledge
- Understanding of Network and Security Concepts: A good grasp of basic networking and security principles.
- Knowledge of TCP/IP Protocols: Familiarity with TCP/IP protocols and the OSI model.
- Experience with Network Security Devices: Exposure to network security devices such as firewalls, IDS, and IPS.
- Practical Experience in Cybersecurity: Hands-on experience in cybersecurity operations, such as working in a Security Operations Center (SOC) or a related field.
- Familiarity with Threat Intelligence: Basic understanding of threat intelligence concepts and tools.
Credentials and certification
Exam features
- Code: 312-85
- Title: Certified Threat Intelligence Analyst
- Duration: 2 hours
- Number of Questions: 50
- Question Format: Multiple Choice
- Online with EC-Council Exam Center
- Cost: $0 (included in your training)