When of the following points of the Diamond Model of Intrusion Analysis does this intelligence represent?

An analyst receives artifacts from a recent Intrusion and is able to pull a domain, IP address, email address, and software version.

When of the following points of the Diamond Model of Intrusion Analysis does this intelligence represent?
A . Infrastructure
B . Capabilities
C . Adversary
D . Victims

Answer: A

Explanation:

The Diamond Model of Intrusion Analysis is a framework for analyzing and understanding malicious activity on a system or network. It defines the basic atomic element of any intrusion activity as the event, which consists of four core features: adversary, infrastructure, capability, and victim. These features are connected by edges that represent their underlying relationships and arranged in the shape of a diamond1. The infrastructure feature refers to the physical or logical communication structures that are used by the adversary to deliver a capability or interact with a victim. Examples of infrastructure elements are IP addresses, domain names, email addresses, servers, routers, etc. The domain, IP address, email address, and software version that the analyst extracted from the artifacts are all examples of infrastructure elements that can be used to identify or track the adversary’s activity.

Reference: 1 The Diamond Model of Intrusion Analysis – Threat Intelligence Academy

Latest CS0-002 Dumps Valid Version with 220 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments