Course Information
Course Name
CTIA: Certified Threat Intelligence Analyst
Exam code
312-85
Duration
3 Days
Certification
Certified Threat Intelligence Analyst (CTIA)
Overview
EC-Council’s Certified Threat Intelligence Analyst (C|TIA) certification is a comprehensive specialist-level professional program focused on the ever-evolving domain of threat intelligence. The program is designed for individuals involved in collecting, analyzing, and disseminating threat intelligence information.
C|TIA covers a wide range of topics, including the fundamentals of threat intelligence, the use of threat intelligence tools and techniques, and the development of a threat intelligence program. The cyber threat intelligence course focuses on refining data and information into actionable intelligence that can be used to prevent, detect, and monitor cyber-attacks. The program addresses all the stages involved in the threat intelligence lifecycle, and this attention toward a realistic and futuristic approach makes C|TIA one of the most comprehensive threat intelligence certifications in the market today.
The C|TIA program provides credible professional knowledge required for a successful threat intelligence career. It enhances your skills as a threat intelligence analyst, thus increasing your employability. It is desired by most cybersecurity engineers, analysts, and professionals globally and is respected by hiring authorities. Ideal for individuals working in information security, network security, incident response, and other related fields, mastering in-demand skills and earning this certification will improve threat intelligence operations and investments for cybersecurity individuals and teams.
A C|TIA professional will be proficient in specialized skills and knowledge to understand the methodology and mindset of modern attackers competently and deploy the threat intelligence accordingly.
The Purpose of C|TIA is:
· To enable individuals and organizations with the ability to prepare and run a threat intelligence program that allows ‘evidence-based knowledge’ and provides ‘actionable advice’ about ‘existing and unknown threats’.
· To ensure that organizations have predictive capabilities rather than just proactive measures beyond active defense mechanisms.
· To empower information security professionals with the skills to develop a professional, systematic, and repeatable real-life threat intelligence program.
· To differentiate threat intelligence professionals from other information security professionals.
For individuals: To provide an invaluable ability of structured threat intelligence to enhance skills and boost their employability.
Audience Profile
· Ethical Hackers
· Security Practitioners, Engineers, Analysts, Specialists, Architects, and Managers
· Threat Intelligence Analysts, Associates, Researchers, Consultants
· Threat Hunters
· SOC Professionals
· Digital Forensic and Malware Analysts
· Incident Response Team Members
· Any mid-level to high-level cybersecurity professionals with a minimum of 2 years of experience.
· Individuals from the information security profession who want to enrich their skills and knowledge in the field of cyber threat intelligence.
· Individuals interested in preventing cyber threats.
Prerequisites
At Course Completion
· Fundamentals of threat intelligence (Threat intelligence types, lifecycle, strategy, capabilities, maturity model, frameworks, platforms, etc.)
· Various cybersecurity threats and attack frameworks (Advanced Persistent Threats, Cyber Kill Chain Methodology, MITRE ATT&CK Framework, Diamond Model of Intrusion Analysis, etc.)
· Various steps involved in planning a threat intelligence program (Requirements, planning, direction, and review)
· Different types of threat intelligence feeds, sources, data collection methods
· Threat intelligence data collection and acquisition through Open-Source Intelligence (OSINT), Human Intelligence (HUMINT), Cyber Counterintelligence (CCI), Indicators of Compromise (IoCs), Malware Analysis, and Python Scripting
· Threat intelligence data processing and exploitation
· Threat data analysis techniques (Statistical Data Analysis, Analysis of Competing Hypotheses (ACH), Structured Analysis of Competing Hypotheses (SACH), etc.)
· Complete threat analysis process, which includes threat modeling, fine-tuning, evaluation, and runbook and knowledge base creation
· How to create and share threat intelligence reports
· Threat intelligence sharing and collaboration using Python scripting
· Different platforms, acts, and regulations for sharing intelligence
· How to perform threat intelligence in a cloud environment
· Fundamentals of threat hunting (Threat hunting types, process, loop, methodology, etc.)
· Threat-hunting automation using Python scripting.
· Threat intelligence in SOC operations, incident response, and risk management
Course Outline
Module 1: Introduction to Threat Intelligence
· Intelligence
· Cyber Threat Intelligence Concepts
· Threat Intelligence Lifecycle and Frameworks
· Threat Intelligence Platforms (TIPs)
· Threat Intelligence in the Cloud Environment
· Future Trends and Continuous Learning
Module 2: Cyber Threats and Attack Frameworks
· Cyber Threats
· Advanced Persistent Threats
· Cyber Kill Chain
· MITRE ATT&CK and Diamond Model
· Indicators of Compromise
Module 3: Requirements, Planning, Direction, and Review
· Organization’s Current Threat Landscape
· Requirements Analysis
· Plan a Threat Intelligence Program
· Establish Management Support
· Build a Threat Intelligence Team
· Threat Intelligence Sharing
· Review Threat Intelligence Program
Module 4: Data Collection and Processing
· Threat Intelligence Data Collection
· Threat Intelligence Collection Management
· Threat Intelligence Feeds and Sources
· Threat Intelligence Data Collection and Acquisition
· Bulk Data Collection
· Data Processing and Exploitation
· Threat Data Collection and Enrichment in Cloud Environments
· Labs:
o Data Collection through Search Engines, Web Services, Website Footprinting, Email Footprinting, DNS Interrogation, Automated OSINT Tools, Social Engineering Techniques, Cyber Counterintelligence (CCI) Techniques, Malware Analysis, and Python Scripting
o IoC Data Collection through External Sources and Internal Sources
o Structuring/Normalization of Collected Data
Module 5: Data Analysis
· Data Analysis
· Data Analysis Techniques
· Threat Analysis
· Threat Analysis Process
· Fine-Tuning Threat Analysis
· Threat Intelligence Evaluation
· Create Runbooks and Knowledge Base
· Threat Intelligence Tools
· Labs:
o Perform Threat Modeling and Data Analysis
o Perform Complete Threat Intelligence using Threat Intelligence Tools
Module 6: Intelligence Reporting and Dissemination
· Threat Intelligence Reports
· Dissemination
· Participate in Sharing Relationships
· Sharing Threat Intelligence
· Delivery Mechanisms
· Threat Intelligence Sharing Platforms
· Intelligence Sharing Acts and Regulations
· Threat Intelligence Integration
· Threat Intelligence Sharing and Collaboration using Python Scripting
· Labs:
o Perform Threat Intelligence Reporting and Sharing
Module 7: Threat Hunting and Detection
· Threat Hunting Concepts
· Threat Hunting Automation
· Labs:
o Perform Targeted Threat Hunting using Python Scripts
o Perform Threat Hunting Automation using Threat Intelligence Tools
Module 8: Threat Intelligence in SOC Operations, Incident Response, and Risk Management
· Threat Intelligence in SOC Operations
· Threat Intelligence in Risk Management
· Threat Intelligence in Incident Response
· Labs:
o Perform Cyber Threat Intelligence using the SOC Threat Intelligence Platforms
All EC-Council certification courses are conducted by certified trainers from Iverson.
Digital Methods acts as the official training partner and assists with program consultation, registration, coordination, scheduling, and administrative arrangements to ensure a smooth and professionally managed training experience.