New Year Sale 2026! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Eccouncil 312-85 Exam - Topic 3 Question 25 Discussion

Actual exam question for Eccouncil's 312-85 exam
Question #: 25
Topic #: 3
[All 312-85 Questions]

An organization suffered many major attacks and lost critical information, such as employee records, and financial information. Therefore, the management decides to hire a threat analyst to extract the strategic threat intelligence that provides high-level information regarding current cyber-security posture, threats, details on the financial impact of various cyber-activities, and so on.

Which of the following sources will help the analyst to collect the required intelligence?

Show Suggested Answer Hide Answer
Suggested Answer: B

For gathering strategic threat intelligence that provides a high-level overview of the current cybersecurity posture, potential financial impacts of cyber activities, and overarching threats, sources such as Open Source Intelligence (OSINT), Cyber Threat Intelligence (CTI) vendors, and Information Sharing and Analysis Organizations (ISAOs)/Information Sharing and Analysis Centers (ISACs) are invaluable. OSINT involves collecting data from publicly available sources, CTI vendors specialize in providing detailed threat intelligence services, and ISAOs/ISACs facilitate the sharing of threat data within specific industries or communities. These sources can provide broad insights into threat landscapes, helping organizations understand how to align their cybersecurity strategies with current trends and threats. Reference:

'Cyber Threat Intelligence: Sources and Methods,' by Max Kilger, Ph.D., SANS Institute Reading Room

'Open Source Intelligence (OSINT): An Introduction to the Basic Concepts and the Potential Benefits for Information Security,' by Kevin Cardwell, IEEE Xplore


by India at Feb 08, 2025, 10:02 AM

Limited Time Offer

25%

Off

Get Premium 312-85 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Marion
3 months ago
I disagree, D seems too informal for serious analysis.
upvoted 0 times
...
Reita
3 months ago
Wait, human intelligence? That sounds sketchy...
upvoted 0 times
...
Socorro
3 months ago
C has some solid sources too, especially incident reports.
upvoted 0 times
...
Rebeca
4 months ago
I think A is also important, gotta watch what others are facing.
upvoted 0 times
...
Amber
4 months ago
Definitely B, OSINT is key for threat intel!
upvoted 0 times
...
Carolynn
4 months ago
I’m a bit confused; I thought human intelligence was more about espionage, so I’m not sure if option D would be useful for this scenario.
upvoted 0 times
...
Elvera
4 months ago
I feel like option A could also be relevant since understanding attacks on other organizations might help in assessing our own vulnerabilities.
upvoted 0 times
...
Thurman
4 months ago
I'm not sure about the best source, but I remember a practice question that emphasized the importance of incident reports, which makes me lean towards option C.
upvoted 0 times
...
Helaine
5 months ago
I think option B sounds right because OSINT and CTI vendors are often mentioned in threat intelligence discussions.
upvoted 0 times
...
Juliana
5 months ago
This is a good opportunity to showcase my knowledge of cyber threat intelligence. I'm confident I can identify the most appropriate sources to help the analyst gather the necessary information.
upvoted 0 times
...
Layla
5 months ago
Okay, let's see. The question is asking about the best sources for the threat analyst to collect the required intelligence. I'll need to carefully consider each option and think about which one would provide the most comprehensive and relevant information.
upvoted 0 times
...
Jordan
5 months ago
Hmm, I'm a bit unsure about this one. There seem to be a lot of options, and I want to make sure I understand the differences between them before selecting an answer.
upvoted 0 times
...
Leonora
5 months ago
This looks like a pretty straightforward question on cyber threat intelligence sources. I think I've got a good handle on this topic, so I'll try to work through it systematically.
upvoted 0 times
...
Ethan
12 months ago
Option A sounds like a great way to stay up-to-date on the latest attacks. After all, who needs sleep when you have data feeds?
upvoted 0 times
Howard
11 months ago
C) Campaign reports, malware, incident reports, attack group reports, human intelligence
upvoted 0 times
...
Buddy
11 months ago
A) Active campaigns, attacks on other organizations, data feeds from external third parties
upvoted 0 times
...
...
Elza
1 year ago
Social media, huh? I bet the threat analysts will find a lot of 'helpful' information in chat rooms. Option D it is!
upvoted 0 times
Twanna
11 months ago
Yeah, chat rooms can be a breeding ground for cyber threats.
upvoted 0 times
...
Erasmo
11 months ago
I think social media can be a goldmine for threat intelligence.
upvoted 0 times
...
...
Ilda
1 year ago
I think option C) Campaign reports, malware, incident reports, attack group reports, human intelligence could also be useful in gathering the necessary information.
upvoted 0 times
...
Whitney
1 year ago
I'm torn between B and C, but I think C covers all the bases. Can't go wrong with that one.
upvoted 0 times
Simona
11 months ago
Agreed, it's important to gather intelligence from various sources to stay ahead of potential threats.
upvoted 0 times
...
Pearly
11 months ago
Definitely, those sources provide a comprehensive view of the cyber-security landscape.
upvoted 0 times
...
Kerry
12 months ago
Yeah, campaign reports, malware, incident reports, attack group reports, and human intelligence seem like crucial sources.
upvoted 0 times
...
Madalyn
12 months ago
I think C covers all the bases. Can't go wrong with that one.
upvoted 0 times
...
...
Alesia
1 year ago
Option C seems the most comprehensive to me. Incident reports and intelligence on attack groups would be crucial.
upvoted 0 times
...
Ernest
1 year ago
I agree with Corinne. Option A seems like the best choice for collecting the required intelligence.
upvoted 0 times
...
Beckie
1 year ago
Definitely option B. OSINT and CTI vendors are the way to go for comprehensive threat intelligence.
upvoted 0 times
Lorrine
1 year ago
Yes, those sources are essential for gathering threat intelligence.
upvoted 0 times
...
Nada
1 year ago
I agree, OSINT and CTI vendors provide valuable information.
upvoted 0 times
...
...
Corinne
1 year ago
I think option A) Active campaigns, attacks on other organizations, data feeds from external third parties would be helpful.
upvoted 0 times
...

Save Cancel