Learning is Better with Friends
Invite your friends to enjoy free, online cyber security and IT video courses

Intelligence Foundations – Foundations and Lifecycle

FacebookTwitterGoogle+LinkedInEmail
Learning should be free.
  • Build your cyber security or IT career, for free.
  • Get free training, then land your next job.
  • Join the free learning revolution now!
Register
Description
Virtual Practice Lab
Practice Test
Intelligence Foundations – Foundations and Lifecycle

The first step in responding to a cyber attack is gathering evidence (intelligence) during all phases of an attack from multiple data sources. In this video we’ll examine the foundations and lifecycle of intelligence gathering focusing on the following areas:

  • IoA (Indicators of Attack) – continuous monitoring of a wide range of things from the physical to server performance problems to suspicious network activity.
  • IoC (Indicators of Compromise) – direct evidence of a compromise such as permission changes, data exfiltration and hiding, AV disabling, and firewall rule changes.
  • TTPs (Tactics, Techniques, and Procedures) – operational taks indicating a problem such as a procedure that no longer works.
  • CRITs (Collaborative Research into Threats) – open source databases containing malware repositories such as the MITRE webpage.
  • Raw data vs. aggregated data – raw data from network devices of a threat feed is typically in no usable form and must be examined and filtered through other processes to be meaningful. Aggregated data is pieced together from various sources. Alone may not be suspicious, but when aggregated may tell a different story.
  • SIEM (Security Information and Event Management) – devices used to monitor and log events. Must be tuned to minimize false positives.
  • IDPS (Intrusion Detection/Prevention System) – devices to detect and prevent attacks respectively. Typically located at firewalls.

 

Recommended Study Material

Recorded Future Cyber Daily

 

 

With new threats lurking around every corner, you need to be prepared. Join thousands of your infosec peers and subscribe to the Cyber Daily for free trending threat intelligence insights.

 

 

Learn on the go.
The app designed for the modern cyber security professional.
Get it on Google PlayGet it on the App Store
Hands On Lab
Verified
Introduction to Wireshark Virtual Lab
Set yourself apart as a network analyst by learning the standard in network analyzer tools. The Introduction to Wireshark Virtual Lab will prepare you to properly utilize Wireshark for network troubleshooting, analysis, software and communications protocol developme
22 Hours
Hands On Lab
Verified
Introduction to Network Security Tools Virtual Lab
Determine the necessary network security tools needed to safeguard your organization. Because there is no ‘one size fits all’ solution to network security, the Introduction to Network Security Tools Virtual Lab will prepare you with a basic knowledge about which
19 Hours
Practice Test
Verified
Cisco 200-105: Interconnecting Cisco Network Devices Part 2
Evolve your networking skills to fill the role of a core network engineer by learning the ins and outs of real Cisco Routers and Switches. You have passed the ICND1 and are ready to take the Interconnecting Cisco Network Devices Part 2 certification exam. The Cisco
Practice Test
Verified
Cisco 200-125: Cisco Certified Network Associate (CCNA)
Evolve your networking skills to fill the role of a core network engineer by learning the ins and outs of real Cisco Routers and Switches. The CCNA Practice Test will prepare you to install, manage, monitor, secure, and troubleshoot basic router and switches.
22 Hours
Practice Labs and Exam Vouchers

Congratulations! You're taking the first step to getting certified. Get some hands on experience with available practice labs OR save some money, support Cybrary, and purchase discounted exam vouchers. Ready to earn your next industry certification? Join cyber security's largest community and start learning today.

JOIN CYBRARY

RELATED TO THIS COURSE
Oracle 1Z0-808: Java SE 8 Programmer I
Kaplan
Practice Test
unlockedIncluded in your plan
Oracle 1Z0-809: Java SE 8 Programmer II
Kaplan
Practice Test
unlockedIncluded in your plan
Oracle 1Z0-810: Upgrade Java SE 7 to Java SE 8 OCP Programmer
Kaplan
Practice Test
unlockedIncluded in your plan
Upcoming Industry Events
Jul
18
Phishing, a phact of life – how to minimise its impact
Webinar by Cofense Inc. @ 9 : 00 AM EST
Jul
18
Bricata at SANSFIRE 2018
by Bricata @ 12 : 00 AM EST
Jul
19
Economic Potential of Blockchain Technologies
Webinar by Cybersecurity Collaborative @ 2 : 00 PM EST
Jul
19
How to Simplify PCI DSS Compliance with a Unified Approach to Security
Webinar by AlienVault @ 11 : 00 AM EST
Jul
19
Looking for a Simple Approach to Infrastructure Monitoring and Troubleshooting?
Webinar by Rapid7 @ 2 : 00 PM EST
Jul
25
Varonis Security Overview & Demo – A Live Varonis Training Webinar
Webinar by Varonis @ 2 : 00 PM EST
Jul
26
Introducing Secret Server Vault: Privileged Account Protection for Every Small and Medium-Sized Business
Webinar by Thycotic @ 11 : 00 AM EST
Jul
26
Webinar: How Security Teams Use Varonis
Webinar by Varonis @ 9 : 00 AM EST
Aug
08
Black Hat USA 2018
by ThreatConnect @ 11 : 00 AM EST
Aug
08
Join AlienVault at Black Hat 2018 for a Security Leaders Party!
by AlienVault @ 11 : 00 AM EST
View more events
Interested in promoting your company's event?

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Cybrary On The Go

Get the Cybrary app for Android for online and offline viewing of our lessons.

Get it on Google Play
 

Support Cybrary

Donate Here to Get This Month's Donor Badge

 
Skip to toolbar

We recommend always using caution when following any link

Are you sure you want to continue?

Continue
Cancel