EC-Council CTIA Module 3.3 Practice Test 001

By /

This practice test covers Module 3 (Requirements, Planning, Direction, and Review) Sub-module 3 (Plan a Threat Intelligence Program).

These questions are inspired by the EC-Council CTIA exam and are designed to help you test your knowledge of cyber threat intelligence, threats and frameworks, and other related topics. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CTIA exam.

Note: CTIA is a registered trademark of EC-Council. This content is not affiliated with or endorsed by EC-Council.

To choose CTIA practice tests based on specific modules and sub-modules, click that link

EC-Council CTIA Module 3.3 Practice Test 001
10 questions • Single best answer
Question 1
A CTI program manager at a regional electric utility needs to document which threat actors, intelligence types, and business units will be in scope for the new program. What planning element captures these boundaries?
    Question 2
    A threat intelligence team is preparing active collection operations against external adversary infrastructure. Before beginning, the team must document legal constraints, authorized collection methods, and permissible targets. What document governs these boundaries?
      Question 3
      An MSSP's CISO asks the CTI lead to produce the document that formally authorizes the threat intelligence program, establishes program objectives, assigns authority to the program lead, and secures resource commitments from leadership. Which document fulfills this requirement?
        Question 4
        A CTI program at a healthcare network is developing governance documents that define acceptable use of threat data, data handling requirements, information classification, and expected analyst conduct. What type of document is the team creating?
          Question 5
          A new CTI analyst reviews a document listing the team's PIRs, designated collection sources, analysis workflows, reporting cadence, and dissemination targets for each stakeholder group. What type of document is the analyst reading?
            Question 6
            A CTI program manager at a retail conglomerate is told by the CISO that the new program must directly support business risk priorities, not just technical security objectives. Which planning activity establishes this strategic alignment?
              Question 7
              A financial services firm is building a CTI team and must assign responsibility for managing incoming raw data feeds, producing finished intelligence reports, and ensuring outputs reach the right decision-makers. What planning element defines these distinct assignments?
                Question 8
                A SOC director reviewing a newly drafted threat intelligence program plan notes that it lacks guidance for analysts when collection methods may cross legal or ethical limits. Which missing component should the director require?
                  Question 9
                  A CTI manager asks the team which document must be prepared first to formally authorize the new threat intelligence program before scope definitions, policies, or collection plans are finalized. What is the correct answer?
                    Question 10
                    An incident response team asks a CTI program manager why active threat-actor tracking was halted despite critical intelligence gaps. The manager explains that the required collection methods would have violated a documented program constraint. Which document enforces those constraints?
                      Answered: 0/10

                      Related Posts

                      Leave a Comment

                      Your email address will not be published. Required fields are marked *

                      Scroll to Top