[&] What is the primary purpose of understanding a threat actor's tactics, techniques, and procedures (TTPs)?
- To create a public profile of the threat actor for legal actions
- To anticipate and mitigate potential future attacks -- Correct
- To develop software that exactly mimics these procedures
- To replace existing security protocols with these methods

[&] What are indicators of compromise (IOCs) in the context of cyber threat intelligence?
- They are strategic plans developed by organizations to prevent threats
- Data collected from vulnerability scans and asset inventories
- They are software tools used to identify and block cyber attacks
- They are artifacts like malicious IP addresses, domain names, file hashes, or email headers -- Correct

[&] How do threat intelligence platforms (TIPs) enhance collaboration among security teams?
- They provide a user-friendly interface for sharing information quickly
- By facilitating the integration of detection rules and alerts between teams
- By providing tools for documenting and standardizing response procedures
- By enabling the sharing and correlation of threat data across multiple sources -- Correct

[&] Why is it important for organizations to incorporate threat intelligence feeds into their security systems?
- To exclusively focus on external physical security threats
- To enhance detection and response capabilities against cyber threats -- Correct
- To delay detection and response to critical threats
- To reduce the number of required security personnel

[&] Which of the following best describes the role of threat intelligence feeds in a SOC?
- Providing archived information on outdated threats
- Offering continuous real-time data on emerging threats -- Correct
- Cataloging known malware for historical analysis
- Publishing annual reports on cybersecurity trends