EC-Council CTIA Module 6.2 Practice Test 003

This practice test covers Module 6 (Intelligence Reporting and Dissemination) Sub-module 2 (Dissemination).

These questions are inspired by the EC-Council CTIA exam and are designed to help you test your knowledge of cyber threat intelligence, threats and frameworks, and other related topics. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CTIA exam.

Note: CTIA is a registered trademark of EC-Council. This content is not affiliated with or endorsed by EC-Council.

To choose CTIA practice tests based on specific modules and sub-modules, click that link

EC-Council CTIA Practice Test of the Day 260630

10 questions • Single best answer

Question 1

A CTI analyst at a telecom finishes a validated report and now delivers it to the SOC, executives, and partners who need it. Leadership asks what this final lifecycle phase is called. What is it?

A. Collection B. Dissemination C. Processing D. Direction

Question 2

A CTI lead labels a report 'TLP:RED' before sharing with a single trusted contact. A new analyst asks what that marking controls. What does it govern?

A. The report's file size B. The encryption algorithm used C. The analyst's pay grade D. How widely the recipient may share it

Question 3

A SOC at a hospital exchanges threat data with peers where every member both contributes and receives intelligence equally. An analyst names this arrangement. Which sharing model is it?

A. Source-to-consumer broadcast only B. One-way vendor push C. Hub-and-spoke with central coordinator D. Peer-to-peer mutual exchange

Question 4

A CTI program at a bank routes all shared intelligence through a central body that vets and redistributes it to members. An analyst names the model. Which is it?

A. Hub-and-spoke model B. Peer-to-peer model C. Standalone silo model D. Broadcast-only model

Question 5

A CTI manager wants each report delivered in the format and channel its audience prefers, whether dashboard, email, or feed. An analyst states the guiding principle. What should shape dissemination?

A. The cheapest channel regardless of fit B. Consumer needs and preferences C. The largest possible distribution list D. The analyst's favorite tool

Question 6

A government CTI team distinguishes sharing that flows in one direction only from sharing that flows both ways. An analyst labels the reciprocal type. Which term describes two-way sharing?

A. Unidirectional exchange B. Broadcast distribution C. Air-gapped transfer D. Bidirectional exchange

Question 7

A CTI analyst at a retailer must ensure sensitive shared intelligence reaches only authorized recipients. A reviewer asks which principle applies. What should govern distribution?

A. Need-to-know and access controls B. Maximum public visibility C. Random recipient selection D. Unlimited forwarding by anyone

Question 8

An MSSP shares indicators with clients automatically through a feed their tools ingest without manual steps. An analyst names this delivery approach. Which exchange type is this?

A. Verbal handoff B. Printed newsletter C. Automated machine-to-machine sharing D. In-person meeting only

Question 9

A CTI lead worries that disseminating to too many parties could expose a sensitive source. An analyst recommends balancing two priorities. Which tension must dissemination manage?

A. Font size versus page count B. Storage cost versus backup speed C. CPU usage versus memory D. Sharing breadth versus source protection

Question 10

A new analyst confuses dissemination with reporting. The CTI lead clarifies concisely. Which statement best distinguishes them?

A. They are identical phases with the same goal B. Reporting produces the product; dissemination delivers it to consumers C. Dissemination gathers raw data while reporting stores it D. Reporting only happens after dissemination

EC-Council CTIA Module 6.2 Practice Test 003

Related Posts

Leave a Comment Cancel Reply