Chapter 20: Threat Identification and Analysis

📖 Key Topics Covered

▸ Threat Identification and
▸ Identify common Indicators of Compromise (IOCs)
▸ Explain the Cyber Kill Chain and its seven phases
▸ Threat Intelligence
▸ Threat Intelligence Sources
▸ SOURCE TYPE
▸ Open Source
▸ Publicly available
▸ Paid threat intelligence
▸ Recorded Future, Mandiant, CrowdStrike
▸ Government cybersecurity
▸ CISA alerts, FBI IC3, NSA advisories
▸ Sector‐specific sharing
▸ ISACs (Information Sharing and Analysis
▸ Organization's own security

🔑 Key Terms

Code Signing Verification Delivery Dependency Pinning Exploitation Installation Reconnaissance Spyware Secretly Vendor Security Assessments Weaponization Zero Trust Architecture

See the full definitions in the Glossary and test yourself with Flashcards.

Assessment Tips

💡 Assessment Tip

Know the differences between malware types: viruses require user action and attach to files; worms self‐replicate across networks; trojans disguise as legitimate software; ransomware encrypts data for extortion. Fileless malware operates in memory an

💡 Assessment Tip

Supply chain attacks are a major topic on Security+ SY0‐701. Remember: supply chain attacks exploit trust — the malicious code comes from a source the organization has already vetted and approved. Traditional perimeter defenses don't help because the

← Chapter 19 All Chapters Chapter 21 →