CYBV435

Cyber Threat Intelligence

Course Description

CYBV435 will provide students with an in-depth investigation of threat actors and the techniques they employ to attack networks. Students will research threat capabilities and objectives. Formal ethical hacking methodology including reconnaissance, scanning and enumeration, gaining access, escalation of privilege, maintaining access and reporting is examined.

Learning Outcomes

The student will:

  • Explain the relationship between a threat actor's objectives and their motivation, access, and capabilities.
  • Identify how threat actors conduct activities in cyberspace to achieve their objectives.
  • Identify sources of information about threats to an organization.
  • Exercise critical thinking strategies including reasoning, problem solving, analysis and evaluation by:
    • Explaining how vulnerabilities in information systems are discovered.
    • Recognizing how knowledge of network operations helps identify unauthorized network activity.
    • Explaining how cyber intelligence and penetration testing can be mutually supporting.
    • Explaining how cyber intelligence and digital forensics collection and analysis can be mutually supporting.
    • Applying cyber intelligence to make recommendations for changes to information system security design, implementation, policies, and practices.

Course Objectives

The student will:

  • Conduct an analysis of the Intelligence-driven Incident Response process
  • Conduct an event analysis of a cyber-attack and document the behavioral, computed, and atomic signatures
  • Develop an IOC describing a cyber-attack using OpenIOC
  • Develop a threat model of a cyber event utilizing the Diamond Model
  • Conduct an in-depth analysis of a cyber threat actor and their TTPs
  • Develop a Cyber Threat Intelligence report on a threat actor focused toward senior-level decision makers