Eccouncil Exam 312-85 Topic 7 Question 27 Discussion

Actual exam question for Eccouncil's 312-85 exam

Question #: 27
Topic #: 7

Sarah is a security operations center (SOC) analyst working at JW Williams and Sons organization based in Chicago. As a part of security operations, she contacts information providers (sharing partners) for gathering information such as collections of validated and prioritized threat indicators along with a detailed technical analysis of malware samples, botnets, DDoS attack methods, and various other malicious tools. She further used the collected information at the tactical and operational levels.

Sarah obtained the required information from which of the following types of sharing partner?

AProviders of threat data feeds

BProviders of threat indicators

CProviders of comprehensive cyber-threat intelligence

DProviders of threat actors

Show Suggested Answer

Suggested Answer: C

The information Sarah is gathering, which includes collections of validated and prioritized threat indicators along with detailed technical analysis of malware samples, botnets, DDoS methods, and other malicious tools, indicates that she is obtaining this intelligence from providers of comprehensive cyber-threat intelligence. These providers offer a holistic view of the threat landscape, combining tactical and operational threat data with in-depth analysis and context, enabling security teams to make informed decisions and strategically enhance their defenses. Reference:

'Cyber Threat Intelligence Providers: How to Choose the Right One for Your Organization,' by CrowdStrike

'The Role of Comprehensive Cyber Threat Intelligence in Effective Cybersecurity Strategies,' by FireEye

by Tambra at Mar 22, 2025, 08:08 AM

Limited Time Offer

25%

Off

Get Premium 312-85 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Remedios

26 days ago

I think it might be providers of threat indicators as well, as they provide validated and prioritized threat indicators.

upvoted 0 times

...

Frank

1 months ago

Haha, I bet Sarah wishes she could just ask the threat actors directly for information. That would be a bold strategy, but probably not the most effective approach.

upvoted 0 times

...

Kristofer

1 months ago

I agree with Katy, comprehensive cyber-threat intelligence providers could be the source of information.

upvoted 0 times

...

Katy

1 months ago

I believe it could also be providers of comprehensive cyber-threat intelligence.

upvoted 0 times

...

Stephania

1 months ago

This seems straightforward. I don't know why anyone would even consider options A, B, or D. It's clearly C all the way!

upvoted 0 times

...

Bronwyn

1 months ago

I agree with Aron. Sarah needs access to a broad range of threat intelligence to effectively support the security operations of the organization.

upvoted 0 times

Ezekiel

11 days ago

C) Providers of comprehensive cyber-threat intelligence

upvoted 0 times

...

Margo

15 days ago

B) Providers of threat indicators

upvoted 0 times

...

Denae

22 days ago

C) Providers of comprehensive cyber-threat intelligence

upvoted 0 times

...

Wade

22 days ago

A) Providers of threat data feeds

upvoted 0 times

...

Gilma

28 days ago

B) Providers of threat indicators

upvoted 0 times

...

Tony

29 days ago

A) Providers of threat data feeds

upvoted 0 times

...

Laine

2 months ago

I think Sarah obtained the required information from providers of threat data feeds.

upvoted 0 times

...

Aron

2 months ago

The correct answer is C) Providers of comprehensive cyber-threat intelligence. This includes information on threat indicators, malware samples, botnets, and other malicious tools.

upvoted 0 times

Ariel

1 months ago

C) Providers of comprehensive cyber-threat intelligence

upvoted 0 times

...

Juan

1 months ago

B) Providers of threat indicators

upvoted 0 times

...

Ilona

2 months ago

A) Providers of threat data feeds

upvoted 0 times

...