Cyber Threat Intelligence Practitioner Course

Overview

The arcX Cyber Threat Intelligence Practitioner course is the perfect course for someone looking to enter the field of cyber threat intelligence (CTI) and prepare for the CPTIA examination. Suitable for beginners and those who have a basic knowledge of CTI, this course seeks to demystify the role of a CTI analyst and provide the knowledge and skills required for you to operate within a Threat Intelligence team.

Among other things, you will learn fundamental skills such as how to gather intelligence requirements, formulate a collection plan, analyse information and produce actionable intelligence.

This is a CREST accredited training course covering every element of the CREST Practitioner Threat Intelligence Analyst (CPTIA) examination. Additionally, upon successful completion of the arcX final exam, you will receive the arcX Practitioner Threat Intelligence Analyst certification which can be validated on the website using the provided QR code.

Study at your own pace

With our online self-directed training courses you're in charge of how quickly or slowly you work through the content.

Learn on the move

The arcX platform has been designed to work on most mobile devices, so you can keep moving and keep learning.

Challenge yourself

With rigorous testing throughout our courses, you'll have the opportunity to continually improve, and measure improvements against past performance.

Certified excellence

Our courses aren't just good, they're excellent and we are a CREST Approved Training Provider.

Summary

25+ hours of training content
CREST accredited CPTIA course
48 units covering over 120 concepts
Includes 17+ hours of video training
arcX final exam with free re-test included
100% Online and on-demand self-study course
21 engaging exercises
500+ practice questions

Price: £399

Course Delivery

The Cyber Threat Intelligence Practitioner training course is the equivalent of a 5-day classroom course. The training is delivered online using the power of the arcX platform with the added benefit of being able study at your own pace, online and through a range of training resources.

Video Content

Video is the primary delivery method of the arcx Cyber Threat Intelligence Practitioner training course. There are a total of 65 videos to watch totalling roughly 17+ hours of video content.

Quizzes

Expect to find plenty of tests within this course! Using our bespoke testing engine, you will recieve both free-form and adapting testing throughout designed to help consolidate learning and continually challenge your ability.

Practical Exercises

This course comprises of 21 exercises ranging from micro exercises taking a few minutes to complete up to full research projects taking hours. All exercises are designed to help you assess how well you have grasped a concept.

Additional Reading Material

The course includes numerous downloadable reports and research papers that will reinforce the concepts taught.

arcX Final Exam

The Cyber Threat Intelligence Practitioner course culminates in a final challenging exam designed to test your knowledge and skills.

The exam is made available upon marking 95% of the course content as complete.

The course also includes one free exam retake. Why not unlimited retakes? Because we want you to learn the content, not how to pass our test.

The arcX final exam also serves as a great indicator of how you will perform in your CREST Practitioner Threat Intelligence Analyst exam. At present we have a 100% success rate for students passing our exam going on to pass their CPTIA.

Those who successfully pass the arcx examination will be awarded the arcX Practitioner Level Threat Intelligence Analyst certification which can be validated on the website using the provided QR code.

What will this course teach me to do?

This course will give you a solid grounding in the world of cyber threat intelligence, enabling you to work with a cyber threat intelligence team and contribute to intelligence projects.

You will be capable of:

Explaining what the different types of threat actors are and what impact they can have on an organisation
Using the diamond model and cyber kill chain to better understand the adversary
Gathering intelligence requirements from a customer and helping to shape those requirements
Formulating a collection plan and aligning relevant sources and agencies
Analysing information in order to produce actionable intelligence for the customer
Understanding the intelligence sharing requirements of an organisation
Considering the legal and ethical ramifications of certain actions and what to do about them

Who is this for?

A highly-beneficial course for those looking to enter the fray as a cyber threat intelligence analyst or for those already in the industry. It also serves as a complimentary course for all cyber security professionals looking to add additional skills, knowledge and insight to their day-to-day role. The perfect choice for:

People with no prior experience
Threat Intelligence Analysts
CREST exam preparation
Penetration Testers
SOC Analysts
Incident Responders
Non-technical managers
Cyber Security Enthusiasts

Course Syllabus

Section 1 - Objectives of Threat Intelligence: In this section we will be making that all important initial introduction to Threat Intelligence, its key terminology and some foundation concepts that will set the tone for the rest of the course.
Section 2 - Threat Actor Types: In this section we will be looking at Threat Actors, who they are, what they do and why understanding the difference between them is imperative.
Section 3 - Threat Vector Types and Vulnerabilities: In this section we will be exploring the different threat vectors and vulnerabilities that threat actors use to exploit organisations and individuals.
Section 4 - The Intelligence Cycle: In this section we will be looking at one of the foundations of Cyber Threat Intelligence, the Intelligence Cycle. This is an incredibly important concept and one that you will use throughout your career in this profession.
Section 5 - Analytic Models: In this section we will begin exploring some of the simple analytical models you can use to start mapping threat actors and their tactics, techniques and procedures to a victim.
Section 6 - Attack Lifecycle: In this section we will be diving deeper into the realms of analytical models for mapping threat actors and their respective capability. In order to do so, we will be introducing you to Lockheed Martin's Cyber Kill Chain and how we can use it in conjunction with the Diamond Model.
Section 7 - Understanding Risk: In this section we will be exploring risk and how it applies to the day to day role of a Cyber Threat Intelligence Analyst.

Section 8 - Intelligence Requirements: In this section we will be introducing you to some important terminology used in Cyber Threat Intelligence and how structuring your interactions with the intelligence customer, can assist you in delivering great intelligence.
Section 9 - The Importance of Project Review: In this section we will take a look at why project reviews are a valuable way for Cyber Threat Intelligence teams to improve their performance and skills. They also offer a mechanism to help fuel continuous improvement as well as improve team morale.
Section 10 - Intelligence Gaps: In this section we will be exploring intelligence gaps, how they are formed and what you can do to best reduce the impact they may have on intelligence requirements.

Section 11 - Introduction to Collection: In this section we explore the collection phase of the intelligence cycle, using concepts taught in the first module of the course to dive a little deeper into this key area of Cyber Threat Intelligence.
Section 12 - Use of a Collection Worksheet: In this section we take a deeper dive into the collection worksheet and really start to breakdown the individual components and their uses.
Section 13 - Types of Sources: In this section we will be taking a look at the types of sources you may come across during your time as a Cyber Threat Intelligence Analyst professional.
Section 14 - Sources, Reliability and Grading: In this section we take a further look at the sources available to us, and begin to look at the reliability of them within the wider scope of intelligence.
Section 15 - CTI Specific Sources: In this section we will begin looking at CTI specific sources, develop an understanding around what it means to 'pivot' and we will be demonstrating some different tools available to support you.
Section 16 - Basic Source Analysis: In this section we will be taking a look at how we analyse sources for accuracy, reliability and motivation. We will also take a look at source misdirection and how it can impact your role as a Cyber Threat Intelligence Analyst.
Section 17 - Boolean Search Strings: In this section we will be looking at Boolean Search Strings and the impact that they can have - if used correctly - on the collection phase of the intelligence project.
Section 18 - Operational Security: In this section we will be looking at an incredibly vital part of Cyber Threat Intelligence, Operational Security. Dependent on where you work or what you are researching, there is a very good chance that Operational Security will be a requirement.

Section 19 - Hypothesis Testing: In this section we really start to get into the detail of hypothesis generation and take a look at the origins of Analysis of Competing Hypothesis (ACH).
Section 20 - Facts and Assumptions: In this section we are going to explore the really important concept of information reliability. An important part of your job as a Cyber Threat Intelligence Analyst is to make sure the information you are using is verifiable and reliable.
Section 21 - Expressing the Likelihood of Certainty: In this section we will be tackling the important topic of expressive language within Cyber Threat Intelligence reporting and how, if used incorrectly can be misleading to the intelligence customer.
Section 22 - Circular Reporting: In this section we will be taking a look at circular reporting in the real-world and how it can effect your practice as a Cyber Threat Intelligence Analyst. This links in to the earlier section around information reliability.
Section 23 - Cognitive Bias: In this section we will be taking a look at cognitive bias and the effect it can have on almost everything in our day-to-day lives, let alone how it can effect our capability as a CTI Analyst.
Section 24 - Analytical Techniques: In this section we will be exploring different types of data sets and how we interpret them. We will be looking at things like network diagrams, timelines and more.

Section 25 - Structured Machine Readable: In this section we will be exploring machine readable data and how we can use this to structure and present large quantities of intelligence in a useful and meaningful way.
Section 26 - Unstructured Human Readable: In this section we will be looking into the concept of human readable threat intelligence and how as CTI Analysts, we can alter our delivery methods to suit the intelligence customer.
Section 27 - Intelligence Sharing: In this section we will be looking into how we share intelligence and this concept of 'need to know vs need to share'.

Section 28 - Introduction to Legal and Ethical Practices: In this section we will begin to lift the lid on legal and ethical considerations within the context of Cyber Threat Intelligence.
Section 29 - Handling Classified Information: In this section we will be discussing classified information and how we, as CTI Analysts should handle it. This section focuses primarily on British standards relating to this subject, inline with the CREST exam syllabus.
Section 30 - Key Legislation: In this section we dissect the relevant laws that are applicable to you as a Cyber Threat Intelligence Analyst.
Section 31 - Dealing with Legal and Ethical Uncertainty: In this section we will be looking at legal and ethical uncertainty, what to do when you encounter it, and how you as a CTI professional can stay on the straight and narrow.
Section 32 - CREST Code of Conduct: In this section we will take a look at the CREST Code of Conduct and what is expected of member organisations and individuals who have achieved accredited status with CREST.

Instructor Profile

Stewart Bertram

Stewart has worked within the field of Intelligence and Security for the past 18 years with experience across both the private and public sector. Starting his career in 2004 in the Intelligence Corps of the British Army, Stewart entered the private sector in 2009 and has held a number of roles in Cyber Threat Intelligence (CTI) since then. These have included product development, service delivery and consulting, with his most recent roles involving the management of specialist teams involved in research into the cyber criminal underground and nation state threat actors.

Holding both a Masters in Computing and a Master of Letters in Terrorism Studies from St. Andrews University. Stewart was also among the first in the world to pass the CREST Certified Threat Intelligence Manager (CCTIM) examination.

Stewart’s research interests and work have always sat at the intersection of technology, security and people focused issues. These unique areas of focus are bought to bare within his role at arcX, where he is responsible for the design and delivery of the core CREST related CTI courses and oversight of the wider Cyber Threat Intelligence stream.

CREST Accredited Training

This course not only prepares you to sit your CPTIA examination, it also teaches you how to do the job of a cyber threat intelligence analyst and provides you with the confidence to operate within a threat intelligence team.

Our course has gone through rigorous review by CREST to ensure our content maps to the CPTIA examination syllabus and covers all required areas and topics. Once you have successfully completed the arcX final exam, you should be more than prepared to undertake the CREST examination.

There is no CREST exam voucher included in the purchase of this course.