EC-Council CTIA Module 3.4 Practice Test 003

This practice test covers Module 3 (Planning, Direction, and Review) Sub-module 4 (Establish Management Support).

These questions are inspired by the EC-Council CTIA exam and are designed to help you test your knowledge of cyber threat intelligence, threats and frameworks, and other related topics. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CTIA exam.

Note: CTIA is a registered trademark of EC-Council. This content is not affiliated with or endorsed by EC-Council.

To choose CTIA practice tests based on specific modules and sub-modules, click that link

EC-Council CTIA Practice Test of the Day 260628

10 questions • Single best answer

Question 1

A CTI analyst at a retail company must convince senior leaders to fund and back the new intelligence program. Without this backing, resources stall. What is the analyst primarily trying to secure?

A. Management support B. An indicator feed C. A YARA rule D. A malware sample

Question 2

To win approval, the team prepares a document showing the program's expected costs, benefits, and risk reduction in business terms. They need its name. What is this document called?

A. An analyst runbook B. An incident report C. A business case D. A sharing agreement

Question 3

When briefing the board, the analyst frames intelligence benefits as reduced breach likelihood and protected revenue rather than technical detail. A peer asks why. Why frame it this way?

A. To increase indicator counts B. To align with business priorities executives value C. To bypass requirements analysis D. To avoid using any frameworks

Question 4

An executive asks how the program's value compares to its cost. The analyst presents a return-on-investment figure. What does this metric demonstrate?

A. The number of intelligence feeds B. The attacker's identity C. The malware family in use D. The program's value relative to its cost

Question 5

Without sustained executive backing, the program risks losing budget, staff, and priority over time. The lead stresses this point. What does securing management support primarily ensure?

A. Ongoing resources and organizational commitment B. Zero false positives C. Automatic threat attribution D. Elimination of all threats

Question 6

The lead schedules regular updates with executives to maintain visibility and trust in the program. A colleague asks the value. What is the main benefit of this ongoing engagement?

A. It replaces data collection B. It automatically generates indicators C. It sustains management buy-in D. It writes the analyst runbooks

Question 7

Management questions which threats justify spending. The analyst ties program priorities to the organization's defined risk tolerance. What does this alignment most help secure?

A. More malware samples B. A new SIEM license C. A YARA signature D. Leadership approval and funding

Question 8

To prove the program works, the team reports threats blocked and incidents prevented to leadership. A reviewer asks the intent. What is the purpose of presenting these metrics?

A. To increase attacker dwell time B. To demonstrate measurable program value C. To replace the threat landscape D. To eliminate dissemination

Question 9

For the program to gain authority and budget, support must come from those who control organizational resources. The lead identifies whose backing matters most. Whose support is most critical?

A. External threat actors B. Anonymous tip lines C. Senior management and executives D. End-user employees only

Question 10

An analyst avoids jargon like TTPs when speaking with the CFO and instead discusses financial risk. A peer asks the benefit. What does translating intelligence into business language achieve?

A. Stronger executive understanding and support B. Faster malware analysis C. More atomic indicators D. Reduced collection scope

EC-Council CTIA Module 3.4 Practice Test 003

Related Posts

Leave a Comment Cancel Reply