INTRODUCTION
- Who we are
- Who you are
- Administrative items
- Course overview/agenda
INTEL OVERVIEW (REVIEW)
- Review of Intel 101 (CST 330)
STRUCTURED ANALYSIS OVERVIEW
- (Re)introduction to Structured Analysis
- Grouping of techniques by: method/use-case, collaborative effort, complexity
- Structured argumentation
- Habits of a “master thinker”
ORGANIZING TECHNIQUES
- Sorting tools
- Chronologies and timelines
- Link charts and diagrams
- Matrices
IMAGINATIVE THINKING
- Brainstorming
- Outside-in thinking
- Red Team analysis
- Alternative futures analysis
- Counterfactual reasoning
- Morphological reasoning
DECISION MAKING
- Event mapping
- Event tree
- Subjective probability
- Weighted ranking
- Argument mapping
DIAGNOSTIC TECHNIQUES
- Key assumption check
- Quality of information check
- Indicators or signposts of change
- Analysis of competing hypotheses
- Adversary intentions matrix
CONTRARIAN TECHNIQUES
- Devil’s advocacy
- Team A/Team B
- High-impact/low-probability
- What if?
Exam Details
- User Management
- Sensor Deployment
- Host Management
- Group Creation
- Prevention Policies
- Custom IOA Rules
- Sensor Update Policy
- Quarantine Files
- IOC Management
- Containment Policies
- Exclusions
- Reports
- Real Time Response Policy/Audit Logs
- API Clients and Keys
- Notification Workflow