🔥 3-day streak
CompTIA CySA+ (CS0-003)84 / 147
Question 84 of 147
A threat intelligence analyst receives an indicator feed reporting that a specific IP range is associated with a ransomware group. The feed comes from an unvetted open-source blog that cites no primary sources, and the analyst cannot corroborate the claim with any other intelligence source. Before recommending that the SOC block the entire IP range at the perimeter firewall, which characteristic of this intelligence should the analyst weigh MOST heavily?
Reviewed for accuracy · Report an issueNext question