Threat Intelligence

5 minutes 5 Questions

Threat intelligence is the collection, analysis, and dissemination of information about potential security threats or vulnerabilities. This data enables security teams to identify and understand risks, allowing them to better defend their networks and systems. The intelligence can be derived from m…

Test mode:

Exam (Timed)

Practice (With explanations)

Start practice test

Question 1

Your organization is consistently being targeted by phishing attacks that bypass email filters. How can you improve threat intelligence to reduce the risk of these attacks?

Hire more IT staff to manually monitor and block suspicious emails. Block all incoming emails from external sources. Purchase the most expensive commercial threat intelligence platform. Incorporate phishing-specific intelligence feeds and improve email filtering.

Correct Answer: Incorporate phishing-specific intelligence feeds and improve email filtering.

Incorporating phishing-specific intelligence feeds and improving email filtering will allow the organization to better detect and block phishing emails. Hiring more IT staff, purchasing expensive platforms, blocking all incoming emails, reporting to authorities without any action, or investing in biometrics do not specifically address the phishing threat.

Question 2

Your organization conducts an analysis of the Dark Web and finds sensitive data related to one of your clients. How should you proceed?

Contact the client directly Report the findings to relevant stakeholders and implement incident response procedures Attempt to recover the sensitive data by contacting the source Ignore the findings

Correct Answer: Report the findings to relevant stakeholders and implement incident response procedures

The correct action is to report the findings to relevant stakeholders and implement incident response procedures. This ensures that the proper steps are taken to mitigate any damage, determine the extent, and take necessary actions. Other options are either ineffective or could create legal issues.

Question 3

Your organization's security team has identified a new ransomware variant affecting the industry. What is the most effective method for prioritizing this threat?

Report the variant to law enforcement and wait for their response Treat the threat as high-priority and immediately initiate countermeasures Evaluate the threat against your organization's risk profile and current security measures Inform all employees of the potential risk, requesting they avoid suspicious emails and links

Correct Answer: Evaluate the threat against your organization's risk profile and current security measures

The correct answer is to evaluate the threat against your organization's risk profile and current security measures. This allows you to appropriately determine the risk associated with the ransomware variant compared to other potential risks. The other options may not correctly prioritize the threat, could be premature without an assessment, or provide limited protection.

Join the Elite: Pass Your CISSP

4,400+ questions across all 8 CBK domains

Threat Intelligence

Full Guide: Understanding Threat Intelligence

CISSP - Threat Intelligence Example Questions

Question 1

Question 2

Question 3

Join the Elite: Pass Your CISSP