A financial services company is experiencing recurring targeted attacks that bypass their traditional security controls. The CISO wants to implement a more proactive approach to security. Which threat intelligence activity would be most effective for identifying adversaries already operating within their network?
Threat hunting is the correct answer because it's a proactive security activity specifically designed to search for signs of attackers who have already bypassed existing security controls and established a presence within the network. Unlike the other options that focus primarily on external threat data or automated alerting, threat hunting involves security analysts actively searching through networks to discover and isolate advanced threats that evade traditional security solutions. Threat hunting uses hypothesis-driven investigation techniques and relies on analysts' expertise to detect subtle indicators of compromise that automated systems might miss. The other options are valuable threat intelligence components but don't specifically address the scenario of identifying adversaries already operating within the network.
ISC2 CISSP
Security Operations