CPTIA Exam Dumps : CREST Practitioner Threat Intelligence Analyst

A negligent insider is an individual within an organization who, due to a lack of knowledge on security threats or in an attempt to increase workplace efficiency, inadvertently bypasses security procedures or makes errors that compromise security. This type of insider threat is not malicious in intent; rather, it stems from carelessness, oversight, or a lack of proper security training. Such insiders might click on phishing links, mishandle sensitive information, or use unsecured networks for work-related tasks, thereby exposing the organization to potential security breaches. This contrasts with compromised insiders (who are manipulated by external parties), professional insiders (who misuse their access for personal gain), and malicious insiders (who intentionally aim to harm the organization).References:The Incident Handler (CREST CPTIA) courses and study guides discuss different types of insider threats, emphasizing the importance of security awareness training to mitigate the risks associated with negligent insiders.

For Alice to perform qualitative data analysis, techniques such as brainstorming, interviewing, SWOT (Strengths, Weaknesses, Opportunities, Threats) analysis, and the Delphi technique are suitable. Unlike quantitative analysis, which involves numerical calculations and statistical modeling, qualitative analysis focuses on understanding patterns, themes, and narratives within the data. These techniques enable the analyst to explore the data's deeper meanings and insights, which are essential for strategic decision-making and developing a nuanced understanding of cybersecurity threats and vulnerabilities.References:

"Qualitative Research Methods in Cybersecurity," SANS Institute Reading Room

"The Delphi Method for Cybersecurity Risk Assessment," by Cybersecurity and Infrastructure Security Agency (CISA)

Wireshark is a widely used network protocol analyzer that helps in capturing and interactively browsing the traffic on a network. It is an essential tool for incident responders like Eric who are developing incident-handling plans and procedures. By analyzing network traffic, Wireshark allows users to see what is happening on their network at a microscopic level, making it invaluable for troubleshooting network problems, analyzing security incidents, and understanding network behavior. Whois is used for querying databases that store registered users or assignees of an Internet resource. Burp Suite is a tool for testing web application security, and FaceNiff is used for session hijacking within a WiFi network, which makes Wireshark the best choice for analyzing network traffic.References:CREST materials often reference Wireshark as a fundamental tool for network analysis, crucial for incident handlers in the analysis phase of incident response.