EC-Council CTIA Module 3.7 Practice Test 002

By /

This practice test covers Module 3 (Planning, Direction, and Review) Sub-module 7 (Review Threat Intelligence Program).

These questions are inspired by the EC-Council CTIA exam and are designed to help you test your knowledge of cyber threat intelligence, threats and frameworks, and other related topics. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CTIA exam.

Note: CTIA is a registered trademark of EC-Council. This content is not affiliated with or endorsed by EC-Council.

To choose CTIA practice tests based on specific modules and sub-modules, click that link

EC-Council CTIA Module 3.7 Practice Test 002
10 questions • Single best answer
Question 1
A CTI lead at a federal agency conducts the annual review of the threat intelligence program. Leadership asks what the review primarily aims to determine. What is the main objective?
    Question 2
    An MSSP wants to demonstrate the performance of its threat intelligence program to clients. The analyst must select measurable indicators of effectiveness. Which choice best serves this purpose?
      Question 3
      After completing a threat intelligence engagement, a financial services CTI team wants to learn whether consumers found the products useful. The lead must choose the most direct method. What should the team do?
        Question 4
        A healthcare provider's CTI manager plans a threat intelligence-led engagement review. The team debates the appropriate timing for this assessment. When is it most appropriate to perform?
          Question 5
          During a program review, a critical infrastructure CTI team finds that some leadership intelligence needs were never addressed. The analyst must name what this exercise revealed. What does this finding represent?
            Question 6
            A SOC supporting a retail enterprise documents what worked and what failed after a threat intelligence engagement. The lead explains the purpose of capturing these notes. Why is this done?
              Question 7
              Following a review, a cloud-services CTI team learns that stakeholders now prioritize ransomware over insider threats. The analyst must decide how the program should respond. What is the appropriate action?
                Question 8
                An intelligence lead must justify continued funding for the threat intelligence program to the executive board. The lead needs to convey the program's worth in business terms. What should be demonstrated?
                  Question 9
                  A government CTI program institutionalizes periodic reviews so findings continually shape the next cycle. The analyst must label the principle this reflects. What does this practice embody?
                    Question 10
                    While reviewing the program, a bank's CTI analyst notices several subscribed feeds rarely produce relevant or actionable intelligence. The lead asks what action the review supports. What should the analyst recommend?
                      Answered: 0/10

                      Related Posts

                      Leave a Comment

                      Your email address will not be published. Required fields are marked *

                      Scroll to Top