CySA+
  • Introduction
  • Exam Objectives
    • Quiz
      • Threat and Vulnerability Management Competency
        • Questions
  • 1.0 Threat and Vulnerability Management
    • 1.1 Explain the importance of threat data and intelligence
      • Page 1
      • Intelligence Sources
      • Confidence Levels
      • Indicator Management
        • Trusted Automated eXchange of Indicator Information (TAXII)
        • OpenIoC
      • Threat classification
        • Known threat vs. unknown threat
        • Zero-day
        • Advanced persistent threat
      • Open-source intelligence
      • Proprietary / closed-source intelligence
      • Timeliness, Relevancy, Accuracy
    • 1.2 Given a scenario, utilise threat intelligence to support organisational security
    • 1.3 Given a scenario, perform vulnerability management activities
    • 1.4 Given a scenario, analyse the output from common vulnerability assessment tools
    • 1.5 Explain the threats and vulnerabilities associated with specialised technology
    • 1.6 Explain the threats and vulnerabilities associated with operating in the cloud
    • 1.7 Given a scenario, implement controls to mitigate attacks and software vulnerabilities
  • 2.0 Software and Systems Security
    • 2.2 Explain software assurance best practices
    • 2.1 Given a scenario, apply security solutions for infrastructure management
    • 2.3 Explain hardware assurance best practices
Powered by GitBook
On this page
  1. 1.0 Threat and Vulnerability Management
  2. 1.1 Explain the importance of threat data and intelligence

Proprietary / closed-source intelligence

Commercial service offering, subject to a subscription fee. Often repackaged information comes from free public registries

Also derived from the provider's own research and analysis efforts, such as data from honeynets that they operate, plus information mined from its customers' systems, suitably anonymized.

Often privileged access is required and is covertly collected

Examples: IBM X-Force Exchange, FireEye

PreviousOpen-source intelligenceNextTimeliness, Relevancy, Accuracy

Last updated 2 years ago