1. Which service is provided by the Cisco Talos Group?

The Cisco Talos group collects information about active, existing, and emerging threats which can be used by Cisco Security products in real time to provide fast and effective security solutions.

2. What does the MITRE Corporation create and maintain?

The MITRE Corporation creates and maintains a catalog of known security threats called Common Vulnerabilities and Exposures (CVE). The CVE serves as a dictionary of common names (i.e., CVE Identifiers) for publicly known cybersecurity vulnerabilities.

3. What is the primary function of (ISC)²?

International Information Systems Security Certification Consortium (ISC)² is a network security organization that provides vendor-neutral education products and career services.

4. Which threat intelligence sharing open standard specifies, captures, characterizes, and communicates events and properties of network operations?

Structured Threat Information Expression (STIX) is a set of specifications for exchanging cyberthreat information between organizations. Cyber Observable Expression (CybOX) is a set of standardized schema that specifies, captures, characterizes, and communicates events and properties of network operations and that supports many cybersecurity functions. Trusted Automated Exchange of Indicator Information (TAXII) is a specification for an application layer protocol that allows the communication of CTI over HTTPS and is designed to support STIX.

5. What is the Common Vulnerabilities and Exposures (CVE) used by the MITRE Corporation?

The MITRE Corporation creates and maintains a dictionary of common names (i.e., CVE Identifiers) for publicly known cybersecurity vulnerabilities known as Common Vulnerabilities and Exposures (CVE).

6. Which service is offered by the U.S. Department of Homeland Security (DHS) that enables real-time exchange of cyberthreat indicators between the U.S. Federal Government and the private sector?

The U.S. Department of Homeland Security (DHS) offers a free service called Automated Indicator Sharing (AIS) which enables the real-time exchange of cyberthreat indicators (e.g., malicious IP addresses, the sender address of a phishing email, etc.) between the U.S. Federal Government and the private sector.

7. What is the primary function of SANS?

One of the primary functions of the SysAdmin, Audit, Network, Security (SANS) Institute is the maintenance of the Internet Storm Center early warning system.

8. Why do several network organizations, professionals, and intelligence agencies use shared open standards for threat intelligence?

Several network organizations, professionals, and intelligence agencies use shared open standards to enable the exchange of cyber threat intelligence (CTI) in an automated, consistent, and machine-readable format.

9. What is the primary purpose of the Forum of Incident Response and Security Teams (FIRST)?

The primary purpose of the Forum of Incident Response and Security Teams (FIRST) is to enable a variety of computer security incident response teams to collaborate, cooperate, and coordinate information sharing, incident prevention, and rapid reaction between the teams.

10. What threat intelligence group provides blogs and podcasts to help network security professionals remain effective and up-to-date?

The Cisco Talos Group provides blogs and podcasts on security-related topics from a number of industry experts. These blogs and podcasts provide advice, research, and recommended mitigation techniques.