Cyber Threat Intelligence and Security Best Practices for IT
Admins
What is threat intelligence?
Threat intelligence is a collection of data that provides insights to help an
organization defend, detect, and respond to threats or attacks.
What are the benefits of threat intelligence?
It allows organizations to be proactive, prioritize resources, reduce
detection costs, and limit the impact of successful breaches.
Why is cyber threat intelligence important for businesses?
It protects against disruption, retains customer and shareholder confidence,
and increases profitability and partner value.
What are the three main types of cyber intelligence?
Tactical, Operational, and Strategic cyber intelligence.
What does tactical cyber intelligence focus on?
It deals with immediate and specific threats or incidents, involving
real-time monitoring, analysis, and response.
/ 1/19
,4/11/26, 4:21 PM Cyber Threat Intelligence and Security Best Practices for IT Admins
What is operational cyber intelligence concerned with?
It involves trending and patterning over time, analyzing cyber threats and
risks to understand tactics, techniques, and procedures (TTPs).
What is the focus of strategic cyber intelligence?
It involves long-term planning and decision making, forecasting future threats
and trends, and providing insights for organizational strategy.
What is OSINT?
Open-source intelligence, collected from publicly available sources like the
internet, newspapers, and social media.
What does TECHINT stand for?
Technical intelligence, involving the collection and analysis of technical
data, including signals intelligence (SIGINT) and geospatial intelligence
(GEOINT).
What is HUMINT?
Human intelligence, gathered through interpersonal contact, such as
espionage or the use of confidential informants.
What is the role of IT admins in cyber security?
IT admins enhance situational awareness, develop a security mindset, and
contribute to proactive defense and better decision making.
/ 2/19
, 4/11/26, 4:21 PM Cyber Threat Intelligence and Security Best Practices for IT Admins
What are the phases of incident response?
Preparation, detection and analysis, containment, eradication, recovery, and
documentation of lessons learned.
How does threat intelligence help in incident response?
It provides actionable insights that enhance detection, response, and
mitigation of cyber threats.
What is the significance of situational awareness in cyber security?
It allows individuals to recognize unusual activities and respond appropriately
to potential threats.
What is the impact of a proactive defense in cyber security?
It leads to faster detection and response, reducing the impact of breaches or
cyber incidents.
How does threat intelligence contribute to vendor and tool selection?
It informs better decision-making regarding the selection of security tools
and vendors based on current threat landscapes.
What is the relationship between tactical, operational, and strategic
intelligence?
They are interconnected; tactical feeds into operational, which in turn
informs strategic planning.
/ 3/19