CTI Fundamentals Flashcards
(25 cards)
What is the primary purpose of Cyber Threat Intelligence (CTI)?
To enable organizations to understand, predict, and adapt to cyber threats.
Name the four key components of CTI.
Threat actors, Tactics Techniques and Procedures (TTPs), Indicators of Compromise (IoCs), Vulnerabilities and exploits.
How does CTI align with Amazon’s ‘Think Big’ principle?
It involves looking ‘around corners’ for future threats and opportunities, considering long-term trends and high-level implications.
What is the focus of Strategic Analysis in CTI?
Long-term trends and high-level implications of cyber threats.
How does Operational Analysis in CTI relate to Amazon’s ‘Dive Deep’ principle?
It requires diving deep into details of campaign tracking and threat actor profiling while maintaining a broader perspective.
What is the primary focus of Tactical Analysis in CTI?
Short-term, technical focus on specific threats and indicators.
How does Tactical Analysis embody Amazon’s ‘Bias for Action’ principle?
It emphasizes quick response to immediate threats.
What is the Diamond Model in CTI?
A framework that analyzes relationships between adversaries, capabilities, infrastructure, and victims.
How does the Kill Chain Analysis support Amazon’s ‘Insist on the Highest Standards’?
It helps identify gaps in defenses by mapping threat activities to stages of an attack lifecycle.
How does CTI at Amazon need to account for scale and complexity?
It must consider Amazon’s massive scale and diverse operations, requiring innovative approaches.
How does a customer-centric approach in CTI align with Amazon’s principles?
All CTI efforts should ultimately tie back to customer protection and trust, embodying ‘Customer Obsession’.
How does CTI leverage Amazon’s ‘Are Right, A Lot’ principle?
By using data-driven decision making, leveraging vast data resources for threat analysis.
How does CTI reflect Amazon’s ‘Learn and Be Curious’ principle?
It requires staying updated on evolving threats and techniques, reflecting continuous learning.
What CTI practice aligns with Amazon’s ‘Earn Trust’ principle?
Collaborating across teams to share insights and improve overall security posture.
How does CTI embody Amazon’s ‘Frugality’ principle?
By developing processes that are both effective and resource-efficient.
What is threat modeling in CTI?
The process of identifying and prioritizing potential threats to an organization’s assets.
How does intelligence production in CTI align with Amazon’s practices?
It focuses on creating actionable reports for various stakeholders, using ‘working backwards’ documents to clarify threat scenarios.
How does CTI support Amazon’s ‘Bias for Action’ in security operations?
By ensuring CTI insights are operationalized effectively for quick threat response.
How does CTI align with Amazon’s ‘Deliver Results’ principle?
By developing KPIs to measure CTI program effectiveness, focusing on tangible outcomes.
How does CTI reflect Amazon’s ‘Success and Scale Bring Broad Responsibility’?
By balancing security needs with privacy and ethical concerns in intelligence gathering and use.
What is the significance of ‘working backwards’ in Amazon’s approach to CTI?
It ensures that CTI efforts start with customer needs and work backwards to define necessary actions and capabilities.
How does Amazon’s narrative format influence CTI reporting?
CTI reports should be written in a clear, detailed narrative style rather than bullet points or slides.
How does CTI support Amazon’s ‘Think Big’ principle in security strategy?
By considering broad, future impacts and potential threats that could affect Amazon’s diverse operations.
How does CTI at Amazon need to balance speed with quality?
By rapidly identifying and responding to threats while ensuring accuracy and thoroughness in analysis.
