# EC-Council CTIA: Key Points by Chapter

Updated: 2024/05/06

This course is mainly about threat intelligence analysis and collection.

Exam Requirements
---
- Exam subject: Certified Threat Intelligence Analyst
- Exam code: 312-85; the current courseware version is v2
- Exam duration: 2 hours, 50 questions
- Single-choice questions (including multiple-answer questions presented in single-choice form)
- You must answer 70% of the questions correctly to pass
- The exam is currently available in English only
- Exam location: Pearson VUE test center (the general recommendation is to take the course at 恆逸 and sit the exam at 恆逸)
- Exam fee: enrolling in the course includes one exam voucher; taking the exam on its own without the course costs US$450; retakes at 恆逸 are offered at a discounted price

For the exam outline, see the Certified Threat Intelligence Analyst v2 EXAM BLUEPRINT:
https://cert.eccouncil.org/wp-content/uploads/2024/02/CTIA-v2-Exam-Blueprint.pdf

CH1
---
Module 01: Introduction to Threat Intelligence

- Exploit
- Advanced Persistent Threat (APT)
- Known Knowns
- Known Unknowns
- Unknown Unknowns
- TTPs
  - Tactics
  - Techniques
  - Procedures
- Indicators of Compromise
- The Pyramid of Pain

CH2
---
Module 02: Cyber Threats and Kill Chain Methodology

- Hacktivist
- Cyber Terrorists/Criminals
- Suicide hacker
- State-sponsored hacker
- Organized hacker
- Script kiddies
- Insider Threat
- CKC (Cyber Kill Chain)
  - Reconnaissance
  - Weaponization
  - Delivery
  - Exploitation
  - Installation
  - Command & Control
  - Action

CH3
---
Module 03: Requirements, Planning, Direction, and Review

- Define Threat Intelligence Requirements
- Threat Intelligence Requirement Categories
- MoSCoW method

CH4
---
Module 04: Data Collection and Processing

- Planning and Direction (planning based on objectives)
- Data Collection and Processing
- Turning data into information (Processing and Exploitation)
- Data Analysis
- Intelligence Reporting and Dissemination
- Data Collection through Open Source Intelligence (OSINT)
- Threat Intelligence Feeds
- Threat Intelligence Sources

CH5
---
Module 05: Data Analysis

- Diamond Model of Intrusion Analysis
- Analysis of Competing Hypotheses (ACH)
- Structured Analysis of Competing Hypotheses (SACH)
- STRIDE
- PASTA
- TRIKE
- VAST
- DREAD
- OCTAVE

CH6
---
Module 06: Intelligence Reporting and Dissemination

- Computer Emergency Response Team (CERT)
- Computer Security Incident Response Team (CSIRT)
- Product Security Incident Response Team (PSIRT)
- Information Sharing and Analysis Organizations (ISAO)
- Information Sharing and Analysis Center (ISAC)
- Threat Intelligence Platform
- TAXII
- STIX 1.0/1.1/2.0/2.1

Reference
---
- EC-Council CTIA Threat Intelligence Analyst certification course
  https://www.uuu.com.tw/Course/Show/1534/EC-Council-CTIA%E5%A8%81%E8%84%85%E6%83%85%E8%B3%87%E5%88%86%E6%9E%90%E5%B0%88%E5%AE%B6%E8%AA%8D%E8%AD%89%E8%AA%B2%E7%A8%8B
- CTIA (CCIT_221121-221123)
  https://hackmd.io/@yVXj9cqSSmi-M5z6UVjVFA/SJIVxIu8s
- CTIA-1
  https://hackmd.io/@sin8997/ryGMTSOUs
- CTIA-2
  https://hackmd.io/@sin8997/ByRm1NYLi

###### tags: `EC-Council` `CTIA`