Certified Threat Intelligence Analyst (CTIA) — Question 10
A network administrator working at ABC organization collected log files generated by a traffic monitoring system. The logs may not seem to contain useful information, but after he analyzes them properly, the same information can be used to detect an attack in the network.
Which of the following categories of threat information has he collected?
Answer options
- A. Advisories
- B. Strategic reports
- C. Detection indicators
- D. Low-level data
Correct answer: D
Explanation
The correct answer is D, as low-level data includes raw logs that may not appear useful at first but can provide critical insights when analyzed. Options A, B, and C refer to more structured or higher-level information that typically does not come from raw log files.