100% compliance to NICE 2.0 and CREST frameworks
C|TIA maps 100 percent to the National Initiative for Cybersecurity Education (NICE) in the category “Analyze” and specialty area
“Threat/Warning Analyst (TWA)”, as well as the “CREST Certified Threat Intelligence Manager (CC TIM).”
Focus on developing skills for performing various types of threat intelligence
It focuses on developing the skills to perform different types of threat intelligence including strategic, operational, tactical, and technical threat intelligence for a particular organization.
Emphasis on various data collection techniques from multiple sources and feeds
It emphasizes various data collection techniques from various sources and feeds. It allows students to employ different data collection strategies to collect relevant threat information.
Emphasis on collection, creation, and dissemination of Indicators of Compromise (IoCs) in various formats
C|TIA discusses Indicators of Compromise (IoCs) indetail, including internal and external IoCs. It illustrates how to acquire these IoCs from various sources. IoCs are a good source of information about cyber threats and an organization can easily detect cyberattacks and respond in time by monitoring IoCs. C|TIA elaborately explains how to create and disseminate these IoCs.
Focus on intense malware analysis to collect adversary data and pivot off of it
It explains in detail how to reverse engineer malware and pivot off of it in order to determine the origin, functionality, and potential impact of malware as well as determine the threat actor. This is a crucial skill required for threat intelligence analyst.
Focus on a structured approach for performing threat analysis and threat intelligence evaluation
Analyzing the collected threat data and evaluating the required threat intelligence from the analysis process is one of the crucial steps for extracting threat intelligence. C|TIA discusses a structured approach that can be employed by an analyst for performing threat analysis and also threat modeling. This program also illustrates how to fine-tune the analysis process in order to filter out unnecessary information and extract effective intelligence. C|TIA also discuss different types of threat intelligence evaluation techniques for acquiring desired intelligence.
Focus on various techniques for threat intelligence reporting and dissemination
C|TIA emphasizes the creation of efficient threat intelligence reports. It describes building blocks for threat intelligence sharing along with different sharing rules and models. It explains the best practices for sharing TI and also discuss different intelligence sharing acts and regulations.
More than 40 percent of class time is dedicated to the learning of practical skills, and this is achieved through EC-Council labs.
Theory to practice ratio for C|TIA program is 60:40, providing students with a hands-on experience of the latest threat intelligence tools, techniques, methodologies, frameworks, scripts, etc. C|TIA comes integrated with labs to emphasize the learning objectives.
Lab environment simulates a real-time environment
The C|TIA lab environment consists of the latest operating systems including Windows 10 and Kali Linux for planning, collecting, analyzing, evaluating, and disseminating threat intelligence.
Covers latest threat intelligence tools, platforms, and frameworks
The C|TIA course includes a library of tools, platforms, and frameworks across different operation platforms that are required by security professionals to extract effective organizational threat intelligence. This provides a wider option to students than any other program on the market.