EC-Council CTIA Module 4.5 Practice Test 003

This practice test covers Module 4 (Data Collection and Processing) Sub-module 5 (Bulk Data Collection).

These questions are inspired by the EC-Council CTIA exam and are designed to help you test your knowledge of cyber threat intelligence, threats and frameworks, and other related topics. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CTIA exam.

Note: CTIA is a registered trademark of EC-Council. This content is not affiliated with or endorsed by EC-Council.

To choose CTIA practice tests based on specific modules and sub-modules, click that link

EC-Council CTIA Practice Test of the Day 260629

10 questions • Single best answer

Question 1

A CTI team at a large telecom ingests massive volumes of raw logs, feeds, and network captures into a central repository for later analysis. They label this acquisition approach for documentation. What is it?

A. Targeted sampling B. Manual triage C. Single-source polling D. Bulk data collection

Question 2

After collecting terabytes of raw threat data, an analyst struggles to store, index, and retrieve it efficiently for analysts. Leadership asks which discipline addresses organizing this large dataset. What is it?

A. Incident response B. Bulk data management C. Penetration testing D. Threat attribution

Question 3

Because reviewing every record in a huge dataset is impractical, an analyst selects a representative subset to analyze for trends. Which technique is being applied?

A. Full enumeration B. Data encryption C. Data sampling D. Data dissemination

Question 4

A cloud-native CTI platform must store petabyte-scale raw and unstructured threat data cheaply before any processing or schema is applied. Which storage concept best fits this need?

A. Data lake B. Firewall C. Load balancer D. VPN concentrator

Question 5

An MSSP gathers indiscriminately from many sources, accepting noise and irrelevant records to maximize coverage. Leadership asks the main drawback of this bulk approach. What is it?

A. Too few data points B. Inability to automate C. Loss of all internal logs D. High volume of noise to filter

Question 6

An analyst applies retention rules so older bulk data is archived or purged on a schedule to control storage costs and compliance. Which management practice is this?

A. Threat modeling B. Data lifecycle management C. Red teaming D. Social engineering

Question 7

A financial institution must decide between collecting only data tied to specific requirements versus sweeping in everything available. Which describes the focused, requirement-driven alternative to bulk collection?

A. Targeted collection B. Mass aggregation C. Indiscriminate harvesting D. Full-packet capture of all traffic

Question 8

An analyst ensures collected bulk records carry consistent timestamps, formats, and field names so tools can query them uniformly. Which processing goal supports this consistency?

A. Data exfiltration B. Data obfuscation C. Data normalization D. Data destruction

Question 9

A government CTI team uses distributed big-data frameworks to process huge threat datasets in parallel across many nodes. Leadership asks why such frameworks are chosen for bulk data. What is the reason?

A. They guarantee perfect attribution B. They scale to handle large data volumes C. They eliminate the need for storage D. They remove all false positives

Question 10

A healthcare SOC retains massive raw datasets containing patient-related logs and must respect privacy laws governing storage and access. Which factor most directly constrains how this bulk data is handled?

A. Marketing strategy B. Office floor plan C. Server paint color D. Regulatory compliance

EC-Council CTIA Module 4.5 Practice Test 003

Related Posts

Leave a Comment Cancel Reply