Threat Feed Organization and Network Traffic Intelligence Comparison | CompTIA CySA+ Exam

Question

A cybersecurity analyst has access to several threat feeds and wants to organize them while simultaneously comparing intelligence against network traffic.

Which of the following would BEST accomplish this goal?

Answers

A. Continuous integration and deployment
B. Automation and orchestration
C. Static and dynamic analysis
D. Information sharing and analysis

Explanations

C.

Option B, automation and orchestration, would be the best approach for organizing and comparing threat intelligence against network traffic.

Automation involves the use of tools or software to perform repetitive tasks automatically, without human intervention. Orchestration is the coordination and management of multiple tools or software to perform complex tasks or workflows.

By automating the process of comparing threat feeds against network traffic, the cybersecurity analyst can save time and increase efficiency. The analyst can set up automated alerts for specific types of threats, which can help to identify and respond to security incidents more quickly.

Orchestration allows the analyst to integrate multiple threat feeds and network traffic data sources, so that information from different sources can be compared and correlated in real time. This approach can provide a more comprehensive view of potential threats, enabling the analyst to identify patterns and trends that may not be apparent from a single source.

Continuous integration and deployment (Option A) is a software development process that is not directly related to the task of organizing and comparing threat feeds against network traffic. Static and dynamic analysis (Option C) refers to techniques used to analyze code or software, which is not directly relevant to this scenario. Information sharing and analysis (Option D) can be useful, but it does not provide a solution for organizing and comparing threat feeds against network traffic.
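The workflow the explanation describes (merge several feeds, then compare them against traffic automatically) can be sketched as follows. This is an added example, not part of the original question or any product's code; the feed names, feed formats, and flow-log layout are constructed for illustration.

```python
import csv, io, ipaddress, json

# Constructed sample feeds (documentation address ranges and example domains).
FEED_A_CSV = "indicator,type\n203.0.113.7,ip\n198.51.100.0/24,cidr\nbad.example.net,domain\n"
FEED_B_JSON = '[{"ioc": "203.0.113.7"}, {"ioc": "BAD.example.net."}, {"ioc": "malware.example.org"}]'
# Constructed flow records: timestamp, source IP, destination IP, DNS name queried (or "-").
FLOWS = """\
2024-05-01T10:00:01Z 10.0.0.5 203.0.113.7 -
2024-05-01T10:00:09Z 10.0.0.8 198.51.100.44 -
2024-05-01T10:01:30Z 10.0.0.5 192.0.2.10 bad.example.net
2024-05-01T10:02:00Z 10.0.0.9 192.0.2.20 www.example.com
"""

def normalize(value):
    """Return ('net', ip_network) or ('domain', lowercase name without trailing dot)."""
    value = value.strip()
    try:
        return "net", ipaddress.ip_network(value, strict=False)
    except ValueError:
        return "domain", value.lower().rstrip(".")

def load_feeds():
    """Merge both feeds into one index: normalized indicator -> set of feed names."""
    index = {}
    for row in csv.DictReader(io.StringIO(FEED_A_CSV)):
        index.setdefault(normalize(row["indicator"]), set()).add("feed_a")
    for item in json.loads(FEED_B_JSON):
        index.setdefault(normalize(item["ioc"]), set()).add("feed_b")
    return index

def match_flows(index, flows=FLOWS):
    """Compare each flow against the merged index and return alert dicts."""
    nets = [(k[1], feeds) for k, feeds in index.items() if k[0] == "net"]
    alerts = []
    for line in flows.strip().splitlines():
        ts, src, dst, qname = line.split()
        dst_ip = ipaddress.ip_address(dst)
        hits = [(str(n), f) for n, f in nets if dst_ip in n]
        key = ("domain", qname.lower().rstrip("."))
        if key in index:
            hits.append((key[1], index[key]))
        for indicator, feeds in hits:
            alerts.append({"time": ts, "src": src, "indicator": indicator,
                           "feeds": sorted(feeds)})
    return alerts

if __name__ == "__main__":
    for alert in match_flows(load_feeds()):
        print(alert)
```

Each alert lists every feed that carries the matched indicator, so an analyst can see at a glance which hits are corroborated by more than one source.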