CTIA: Certified Threat Intelligence Analyst

Certified Threat Intelligence Analyst (CTIA) is a training and credentialing program designed and developed in collaboration with cybersecurity and threat intelligence experts across the globe to help organizations identify and mitigate business risks by converting unknown internal and external threats into known threats. It is a comprehensive specialist-level program that teaches a structured approach for building effective threat intelligence.

The CTIA program was based on a rigorous Job Task Analysis (JTA) of the job roles involved in the field of threat intelligence. This program differentiates threat intelligence professionals from other information security professionals. It is a highly interactive, comprehensive, standards-based, intensive 3-day training program that teaches information security professionals to build professional threat intelligence.

More than 40 percent of class time is dedicated to the learning of practical skills, and this is achieved through EC-Council labs. Theory to practice ratio for CTIA program is 60:40, providing students with a hands-on experience of the latest threat intelligence tools, techniques, methodologies, frameworks, scripts, etc. CTIA comes integrated with labs to emphasize the learning objectives.

The CTIA lab environment consists of the latest operating systems including Windows 10 and Kali Linux for planning, collecting, analyzing, evaluating, and disseminating threat intelligence.

Audience

Any cyber security professional who needs to understand how to gather large amounts of relevant threat information from a multitude of intelligence sources which can then be analyzed to provide threat intelligence that accurately predicts the potential threats that an organization may encounter. These individuals may be fulfilling roles such as: 

  • Ethical Hackers
  • Security Practitioners, Engineers, Analysts, Specialist, Architects, and Managers
  • Threat Intelligence Analysts, Associates, Researchers, Consultants
    Threat Hunters
  • SOC Professionals
  • Digital Forensic and Malware Analysts
  • Incident Response Team Members
  • Any mid-level to high-level cybersecurity professionals with a minimum of 2 years of experience.
  • Individuals from the information security profession and who want to enrich their skills and knowledge in the field of cyber threat intelligence.
    Individuals interested in preventing cyber threats.

Prerequisites

There are no hard set prerequsites for course attendance, however in order to apply to take the exam you must be able to show a minimum of 3 years working experience in information security or software design.

Learning objectives

  • Key issues in the InfoSec domain.
  • Importance of threat intelligence in risk management, SIEM, and incident response.
  • Various cyber threats, threat actors, and their objectives for cyberattacks.
  • Fundamentals of threat intelligence (including threat intelligence types, life cycle, strategy, capabilities, maturity model, frameworks, etc.)
  • Cyber kill chain methodology, Advanced Persistent Threat (APT), Indicators of Compromise (IoCs), and the pyramid of pain.
  • Threat intelligence program steps (Requirements, Planning, Direction, Review).
  • Types of data feeds, sources, and data collection methods.
  • Threat intelligence data collection and acquisition through Open-Source Intelligence (OSINT), Human Intelligence (HUMINT), Cyber Counterintelligence (CCI), Indicators of Compromise (IoCs), and malware analysis.
  • Bulk data collection and management (data processing, structuring, normalization, sampling, storing, and visualization).
  • Data analysis types and techniques including Statistical Data Analysis, Structured Analysis of Competing Hypotheses (SACH), etc.
  • Complete threat analysis process including threat modeling, fine-tuning, evaluation, runbook, and knowledge base creation.
  • Different data analysis, threat modeling, and threat intelligence tools.
  • Creating effective threat intelligence reports.
  • Different threat intelligence sharing platforms, acts, and regulations for sharing strategic, tactical, operational, and technical intelligence.

Course outline

  • Introduction to Threat Intelligence
  • Cyber Threats and Kill Chain Methodology
  • Requirements, Planning, Direction, and Review
  • Data Collection and Processing
  • Data Analysis
  • Intelligence Reporting and Dissemination

Read detailed course description from EC Council:
CTIA: Certified Threat Intelligence Analyst

Certification

The CTIA course is recommended as preparation for exam 312-85 - Certified Threat Intelligence Analyst.
NOTE! The exam is not included in the course 

In order to achieve this certification you will need to prove course attendance through an accredited EC-Council Partner and be able to show a minimum of 3 years work experience in information security or software design.

Exam Details

  • Exam Title: Certified Threat Intelligence Analyst
  • Exam Code: 312-85
  • Number of Questions: 50
  • Duration: 2 hours
  • Test Format: Multiple Choice
  • Passing Score: 70%

Other relevant courses

10. February
5 days
Classroom Virtual
3 days
Classroom Virtual