Eccouncil Exam 312-85 Topic 1 Question 23 Discussion

Actual exam question for Eccouncil's 312-85 exam

Question #: 23
Topic #: 1

A threat analyst wants to incorporate a requirement in the threat knowledge repository that provides an ability to modify or delete past or irrelevant threat data.

Which of the following requirement must he include in the threat knowledge repository to fulfil his needs?

AProtection ranking

BEvaluating performance

CData management

DSearchable functionality

Show Suggested Answer

Suggested Answer: C

Incorporating a data management requirement in the threat knowledge repository is essential to provide the ability to modify or delete past or irrelevant threat data. Effective data management practices ensure that the repository remains accurate, relevant, and up-to-date by allowing for the adjustment and curation of stored information. This includes removing outdated intelligence, correcting inaccuracies, and updating information as new insights become available. A well-managed repository supports the ongoing relevance and utility of the threat intelligence, aiding in informed decision-making and threat mitigation strategies. Reference:

'Building and Maintaining a Threat Intelligence Library,' by Recorded Future

'Best Practices for Creating a Threat Intelligence Policy, and How to Use It,' by SANS Institute

by Jackie at Jan 09, 2025, 04:21 AM

Limited Time Offer

25%

Off

Get Premium 312-85 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Paulina

2 days ago

I think the requirement should be data management.

upvoted 0 times

...

Carmelina

2 days ago

C) Data management - Duh, how else are you going to modify or delete past data? It's like the IT version of cleaning your room.

upvoted 0 times

...