EC-Council CTIA Module 5.6 Practice Test 002

By /

This practice test covers Module 5 (Data Analysis) Sub-module 6 (Threat Intelligence Evaluation).

These questions are inspired by the EC-Council CTIA exam and are designed to help you test your knowledge of cyber threat intelligence, threats and frameworks, and other related topics. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CTIA exam.

Note: CTIA is a registered trademark of EC-Council. This content is not affiliated with or endorsed by EC-Council.

To choose CTIA practice tests based on specific modules and sub-modules, click that link

EC-Council CTIA Module 5.6 Practice Test 002
10 questions • Single best answer
Question 1
A SOC analyst at a regional hospital receives a feed item flagged 'A1' under a standardized rating scale. A colleague asks what that grade actually conveys about the input. What does this scoring assess?
    Question 2
    An intelligence lead at an MSSP must decide whether a finished product is fit for release to clients. He weighs whether it is accurate, relevant, timely, and able to drive defensive measures. Which attribute captures whether it directly supports decisions?
      Question 3
      A CTI analyst at a retail chain receives a detailed report on ICS malware targeting power plants. The organization operates no industrial control systems whatsoever. Which evaluation criterion does this product most clearly fail?
        Question 4
        A threat hunter receives intelligence on an active campaign three weeks after the adversary infrastructure was already dismantled. The indicators are accurate but no longer useful for defense. Which quality dimension is the primary shortfall?
          Question 5
          During product review at a government CTI cell, a lead notices an analyst's conclusions reflect personal assumptions rather than evidence. She flags this as a threat to analytic quality. Which evaluation concern is she addressing?
            Question 6
            A CTI manager at a financial services firm institutes a post-dissemination review where consumers rate whether products met their needs. The results refine future collection and analysis. What does this mechanism primarily establish?
              Question 7
              Analysts at a defense contractor link an intrusion to a known state-sponsored group using shared infrastructure, malware, and tradecraft. They formally assign responsibility for the activity. This analytic conclusion is best described as what?
                Question 8
                A CTI team at a cloud provider receives an indicator from a single unverified source. Before acting, they cross-check it against multiple independent feeds. This corroboration step primarily improves which quality attribute?
                  Question 9
                  An incident response team complains that a CTI product lists indicators but omits adversary TTPs and the context needed to scope the breach. The information present is correct but insufficient. Which evaluation criterion is lacking?
                    Question 10
                    A CTI program manager at an insurance company must show executives that the program delivers value. She measures whether intelligence reduced risk and improved response times. Which type of metric best demonstrates this?
                      Answered: 0/10

                      Related Posts

                      Leave a Comment

                      Your email address will not be published. Required fields are marked *

                      Scroll to Top