Threat Intelligence — CompTIA Security+ (SY0-701) Practice Questions
Threat intelligence is the collection, analysis, and application of information about adversaries and their tactics, techniques, and procedures to inform defensive decisions. SY0-701 expects candidates to understand intelligence sources such as open-source intelligence, information-sharing organizations like ISACs, and commercial threat feeds, as well as the difference between strategic, tactical, operational, and technical intelligence. The exam also covers indicators of compromise and how they are consumed by security tools such as SIEMs and firewalls to detect or block known threats. Applying threat intelligence allows security teams to prioritize controls and anticipate likely attack vectors rather than reacting after a breach.
Free questions on threat intelligence
Which of the following best describes a zero-day vulnerability?
More threat intelligence questions in the full bank
- What is a threat feed in the STIX/TAXII context?
- A security analyst needs to collect threat intelligence about emerging malware patterns. Which standardized format is BEST suited for sharing this information between organizations?
- A honeypot captures traffic from an attacker attempting to exploit a web server vulnerability. What is the primary intelligence value of this data?