EC-Council CTIA Module 5.8 Practice Test 003

This practice test covers Module 5 (Data Analysis) Sub-module 8 (Threat Intelligence Tools).

These questions are inspired by the EC-Council CTIA exam and are designed to help you test your knowledge of cyber threat intelligence, threats and frameworks, and other related topics. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CTIA exam.

Note: CTIA is a registered trademark of EC-Council. This content is not affiliated with or endorsed by EC-Council.

To choose CTIA practice tests based on specific modules and sub-modules, click that link

EC-Council CTIA Practice Test of the Day 260630

10 questions • Single best answer

Question 1

A CTI analyst at a bank needs one platform to aggregate, normalize, and correlate indicators from many feeds before pushing them to defenses. A teammate names the tool category. What is it?

A. A vulnerability scanner B. A ticketing system C. A backup appliance D. A Threat Intelligence Platform (TIP)

Question 2

An analyst at a hosting provider wants to map suspicious infrastructure by pivoting across domains, IPs, and registration data visually. A colleague recommends a tool type. Which best fits this need?

A. A password manager B. A link-analysis and visualization tool C. A disk imaging utility D. A patch management server

Question 3

A SOC at a hospital wants to enrich an unknown file hash with reputation data and prior detections from many engines. An analyst names the right resource. Which should they query?

A. A malware reputation and lookup service B. A payroll database C. A wireless access point D. A spreadsheet of staff phone numbers

Question 4

A CTI team wants to share machine-readable indicators with partners in a standard format their tools can ingest automatically. An analyst recommends a standard. Which supports this exchange?

A. PDF reports only B. Verbal phone briefings C. STIX/TAXII D. Printed memos

Question 5

An analyst at a cloud firm needs to detonate a suspicious attachment safely and observe its behavior without risking production systems. A teammate names the tool. What should she use?

A. A production email server B. A network switch C. A printer queue D. A malware sandbox

Question 6

A CTI program at an MSSP wants automated, multi-step response workflows that pull intelligence and act across security tools. An analyst names the platform category. Which fits best?

A. A SOAR platform B. A spreadsheet macro C. A help-desk chatbot D. A file compression utility

Question 7

A threat hunter at a government agency wants to collect open-source intelligence on a target domain across public records and social data. An analyst recommends a tool type. Which applies?

A. A backup scheduler B. An OSINT collection framework C. A RAID controller D. A VPN concentrator

Question 8

A CTI lead at a retailer evaluates whether a chosen TIP fits the program. She prioritizes how well it connects with the existing SIEM and EDR. Which selection criterion is she weighing?

A. Office building location B. Marketing reputation C. Integration capability D. Vendor logo design

Question 9

An analyst at a manufacturer wants to write detection rules that match malware by patterns in file content and strings. A teammate names the tooling. Which should she use?

A. DHCP leases B. YARA rules C. DNS zone files D. SNMP traps

Question 10

A CTI manager at an insurer chooses between commercial and open-source intelligence tools. She weighs support, cost, and customization. Which statement best guides her decision?

A. Open-source tools always outperform commercial ones B. Commercial tools never require integration effort C. Tool choice should ignore the program's requirements D. Selection should match the program's needs and resources

EC-Council CTIA Module 5.8 Practice Test 003

Related Posts

Leave a Comment Cancel Reply