In threat intelligence communications, what set of specifications is for exchanging cyberthreat information between organizations?
- Trusted automated exchange of indicator information (TAXII)
- Structured threat information expression (STIX)
- Automated indicator sharing (AIS)
- Common vulnerabilities and exposures (CVE)
Explanation: The two common threat intelligence-sharing standards are as follows:
Structured Threat Information Expression (STIX) – This is a set of specifications for exchanging cyberthreat information between organizations. The Cyber Observable Expression (CybOX) standard has been incorporated into STIX.
Trusted Automated Exchange of Indicator Information (TAXII) – This is the specification for an application layer protocol that allows the communication of CTI over HTTPS. TAXII is designed to support STIX.
Exam with this question: CCNA Cyber Ops (v1.1) – Chapter 8 Exam Answers
Please login or Register to submit your answer