EC-Council CTIA Module 3.4 Practice Test 001

By /

This practice test covers Module 3 (Requirements, Planning, Direction, and Review) Sub-module 4 (Establish Management Support).

These questions are inspired by the EC-Council CTIA exam and are designed to help you test your knowledge of cyber threat intelligence, threats and frameworks, and other related topics. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CTIA exam.

Note: CTIA is a registered trademark of EC-Council. This content is not affiliated with or endorsed by EC-Council.

To choose CTIA practice tests based on specific modules and sub-modules, click that link

EC-Council CTIA Module 3.4 Practice Test 001
10 questions • Single best answer
Question 1
A threat intelligence lead at a global pharmaceutical company is preparing to request dedicated budget and headcount for a formal CTI program. Before presenting to the CISO and CFO, what must the analyst develop to justify the investment and secure leadership approval?
    Question 2
    A newly formed CTI team at a national retail chain lacks authority to access cross-departmental data or compel IT teams to act on intelligence findings. Which management support mechanism would most directly resolve this limitation?
      Question 3
      A CISO at a mid-sized technology firm asks the CTI program manager to demonstrate program value to the board of directors at the next quarterly review. Which metric most effectively communicates CTI return on investment to non-technical executives?
        Question 4
        A CTI program manager at a federal contractor is systematically identifying every team, department, and executive whose operations depend on or benefit from threat intelligence outputs. What activity is the manager performing to structure management support?
          Question 5
          A CTI lead preparing a monthly executive briefing must choose metrics that reflect program impact rather than collection volume. Which KPI set best demonstrates threat intelligence program effectiveness to senior leadership?
            Question 6
            An analyst is asked to brief the board of directors on a nation-state campaign targeting the company's supply chain. What communication approach is most appropriate when presenting threat intelligence to non-technical senior executives?
              Question 7
              A CTI program lead at a healthcare organization notes that while the CISO verbally supports the program, staffing requests are routinely rejected at the executive committee level. What is the most likely root cause of this failure to obtain management support?
                Question 8
                A CTI manager building a business case includes documented cost savings from prevented incidents, estimated breach cost avoidance, and measurable efficiency gains from intelligence-driven alert triage. What component of the business case do these items collectively represent?
                  Question 9
                  A CTI analyst discovers during an active intrusion investigation that a threat actor has compromised an executive's corporate email account. Per the CTI program's escalation policy, what is the most appropriate immediate action?
                    Question 10
                    A CTI program manager asked by the CISO to demonstrate measurable program value after six months of operations decides to compile documented cases. Which approach most effectively shows management that CTI outputs are supporting business decisions?
                      Answered: 0/10

                      Related Posts

                      Leave a Comment

                      Your email address will not be published. Required fields are marked *

                      Scroll to Top