Certified Incident Handler (ECIH) — Question 3
An organization hired a network operations center (NOC) team to protect its IT infrastructure from external attacks. The organization utilized a type of threat intelligence to protect its resources from evolving threats. The threat intelligence helped the NOC team understand how attackers are expected to perform an attack on the organization, identify the information leakage, and determine the attack goals as well as attack vectors.
Identify the type of threat intelligence consumed by the organization in the above scenario.
Answer options
- A. Operational threat intelligence
- B. Strategic threat intelligence
- C. Technical threat intelligence
- D. Tactical threat intelligence
Correct answer: D
Explanation
The correct answer is D, Tactical threat intelligence, as it focuses on the specific tactics, techniques, and procedures used by attackers, which aligns with the NOC team’s need to understand attack methods and goals. Operational threat intelligence (A) deals more with the operational aspects of threats, while Strategic threat intelligence (B) focuses on long-term trends and risks, and Technical threat intelligence (C) involves technical details of vulnerabilities and exploits, which are not the primary focus in this scenario.