✓ Fundamentals of threat intelligence (Threat intelligence types, lifecycle, strategy, capabilities, maturity model, frameworks, platforms, etc.)

✓ Various cybersecurity threats and attack frameworks (Advanced Persistent Threats, Cyber Kill Chain Methodology, MITRE ATT&CK Framework, Diamond Model of Intrusion Analysis, etc.)

✓ Various steps involved in planning a threat intelligence program (Requirements, planning, direction, and review)

✓ Different types of threat intelligence feeds, sources, data collection methods

✓ Threat intelligence data collection and acquisition through Open-Source Intelligence (OSINT), Human Intelligence (HUMINT), Cyber Counterintelligence (CCI), Indicators of Compromise (IoCs), Malware Analysis, and Python Scripting

✓ Threat intelligence data processing and exploitation

✓ Threat data analysis techniques (Statistical Data Analysis, Analysis of Competing Hypotheses (ACH), Structured Analysis of Competing Hypotheses (SACH), etc.)

✓ Complete threat analysis process, which includes threat modeling, fine-tuning, evaluation, and runbook and knowledge base creation

✓ How to create and share threat intelligence reports

✓ Threat intelligence sharing and collaboration using Python scripting

✓ Different platforms, acts, and regulations for sharing intelligence

✓ How to perform threat intelligence in a cloud environment

✓ Fundamentals of threat hunting (Threat hunting types, process, loop, methodology, etc.)

✓ Threat-hunting automation using Python scripting

✓ Threat intelligence in SOC operations, incident response, and risk management

• Exam Code: 312-38
  
  

• Number of Questions: 50
  
  

• Duration: 2 Hours
  
  

• Availability: EC-Council Exam Portal
  
  

• Test Format: Multiple Choice