Eccouncil Exam 312-85 Topic 5 Question 31 Discussion

Actual exam question for Eccouncil's 312-85 exam

Question #: 31
Topic #: 5

Jian is a member of the security team at Trinity, Inc. He was conducting a real-time assessment of system activities in order to acquire threat intelligence feeds. He acquired feeds from sources like honeynets, P2P monitoring. infrastructure, and application logs.

Which of the following categories of threat intelligence feed was acquired by Jian?

AInternal intelligence feeds

BExternal intelligence feeds

CCSV data feeds

DProactive surveillance feeds

Show Suggested Answer

Suggested Answer: A

Internal intelligence feeds are derived from data and information collected within an organization's own networks and systems. Jian's activities, such as real-time assessment of system activities and acquiring feeds from honeynets, P2P monitoring, infrastructure, and application logs, fall under the collection of internal intelligence feeds. These feeds are crucial for identifying potential threats and vulnerabilities within the organization and form a fundamental part of a comprehensive threat intelligence program. They contrast with external intelligence feeds, which are sourced from outside the organization and include information on broader cyber threats, trends, and TTPs of threat actors. Reference:

'Building an Intelligence-Led Security Program' by Allan Liska

'Threat Intelligence: Collecting, Analysing, Evaluating' by M-K. Lee, L. Healey, and P. A. Porras

by Denise at Jul 07, 2025, 11:17 AM

Limited Time Offer

25%

16 days ago

Definitely B) External intelligence feeds. Jian was acquiring threat intelligence from sources outside of Trinity, Inc., like honeynets and P2P monitoring.

upvoted 0 times

Trinidad

2 days ago

A) Internal intelligence feeds

upvoted 0 times

...