Explanation should include
- differentiating between threats, vulnerability, and risks
- identifying attributes of threat actors
- script kiddies
- hackers
- hacktivists
- organized crime
- competitors
- nation state actors and/or advanced persistent threats
- malicious insider threats
- identifying the cyber kill chain
- identifying indicators of compromise
- identifying open source intelligence
- identifying deep web vs. dark web.