Use this quick start guide to collect all the information about GIAC GCTI Certification exam. This study guide provides a list of objectives and resources that will help you prepare for items on the GIAC Cyber Threat Intelligence (GCTI) exam. The Sample Questions will help you identify the type and difficulty level of the questions and the Practice Exams will make you familiar with the format and environment of an exam. You should refer this guide carefully before attempting your actual GIAC Cyber Threat Intelligence (GCTI) certification exam.
The GIAC GCTI certification is mainly targeted to those candidates who want to build their career in Digital Forensics, Incident Response & Threat Hunting domain. The GIAC Cyber Threat Intelligence (GCTI) exam verifies that the candidate possesses the fundamental knowledge and proven skills in the area of GIAC GCTI.
GIAC GCTI Exam Summary:
| Exam Name | GIAC Cyber Threat Intelligence (GCTI) |
| Exam Code | GCTI |
| Exam Price | $979 (USD) |
| Duration | 180 mins |
| Number of Questions | 82 |
| Passing Score | 71% |
| Books / Training | FOR578: Cyber Threat Intelligence |
| Schedule Exam | Pearson VUE |
| Sample Questions | GIAC GCTI Sample Questions |
| Practice Exam | GIAC GCTI Certification Practice Exam |
GIAC GCTI Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Analysis of Intelligence | - The candidate will demonstrate an understanding of the techniques employed in analyzing information. The candidate will also demonstrate an understanding obstacles to accurate analysis, such as fallacies and bias, and how to recognize and avoid them. |
| Campaigns and Attribution | - The candidate will demonstrate an understanding of identifying and profiling intrusion characteristics and external intelligence into campaigns. The candidate will demonstrate an understanding of the importance of attribution and the factors that are considered when making an attribution. |
| Collecting and Storing Data Sets | - The candidate will demonstrate an understanding of collecting and storing data from collection sources such as threat feeds, domains, TLS certificates, and internal sources. |
| Intelligence Application | - The candidate will demonstrate an understanding of the practical application of gathering, analyzing, and using intelligence. Additionally, the candidate will demonstrate an understanding of how well-known cyber attacks can inform cyber intelligence professionals today. |
| Intelligence Fundamentals | - The candidate will demonstrate an understanding of fundamental cyber threat intelligence definitions and concepts. The candidate will also demonstrate a basic working knowledge of technologies that provide intelligence analysts with data, such as network indicators, log repositories, and forensics tools. |
| Kill Chain, Diamond Model, and Courses of Action Matrix | - The candidate will demonstrate an understanding of the Kill Chain, Diamond Model, and Courses of Actions Matrix and how they are used together to analyze intrusions. |
| Malware as a Collection Source | - The candidate will demonstrate an understanding of malware analysis tools and techniques to derive intelligence. |
| Pivoting | - The candidate will demonstrate an understanding of pivoting to expand intelligence, pivot analysis, the ability to use link analysis tools, and ability perform domain analysis to expand intelligence collections. |
| Sharing Intelligence | - The candidate will demonstrate an understanding of methods and practices of storing intelligence from various sources. The candidate will demonstrate an understanding of the processes, tools, and techniques used in sharing intelligence. The candidate will demonstrate an understanding of effectively sharing tactical intelligence with executives by writing accurate and effective reports and using such capabilities as assessments. |
To ensure success in GIAC GCTI certification exam, we recommend authorized training course, practice test and hands-on experience to prepare for GIAC Cyber Threat Intelligence (GCTI) exam.