EC-Council CTIA Module 8.2 Practice Test 003

This practice test covers Module 8 (Threat Intelligence in SOC Operations, Incident Response, and Risk Management) Sub-module 2 (Threat Intelligence in Risk Management).

These questions are inspired by the EC-Council CTIA exam and are designed to help you test your knowledge of cyber threat intelligence, threats and frameworks, and other related topics. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CTIA exam.

Note: CTIA is a registered trademark of EC-Council. This content is not affiliated with or endorsed by EC-Council.

To choose CTIA practice tests based on specific modules and sub-modules, click that link

EC-Council CTIA Practice Test of the Day 260702
10 questions • Single best answer
Question 1
A risk manager at an insurance firm wants adversary trends to inform which risks get funded first. A CTI analyst feeds intelligence into the process. What does this mainly improve?
    Question 2
    A CTI analyst maps active threats to the organization's assets to estimate exposure. A colleague names the risk component being informed. Which factor does intelligence most directly refine?
      Question 3
      A governance lead wants intelligence embedded across identify, assess, and treat stages rather than used once. An analyst names this approach. What is being described?
        Question 4
        A CTI team helps leadership decide whether to accept, mitigate, or transfer a specific risk. An analyst names what intelligence supports here. What does it enable?
          Question 5
          A CISO wants intelligence to flag when a previously low risk becomes urgent due to active exploitation. An analyst names this capability. What does intelligence provide?
            Question 6
            A risk committee asks the CTI team which strategic threats could impact business objectives over the next year. An analyst names the intelligence type suited to this. Which fits?
              Question 7
              A manager wants intelligence to justify security spending by linking investments to real adversary activity. An analyst names the benefit. What does this support?
                Question 8
                A CTI analyst updates a risk assessment after new intelligence shows a vendor was breached. A reviewer names the risk domain affected. Which risk does this most inform?
                  Question 9
                  A risk lead wants a common view where threats, vulnerabilities, and assets combine into a single score. An analyst names what intelligence contributes. Which element does it supply?
                    Question 10
                    A new analyst confuses simply listing threats with feeding intelligence into risk decisions. The lead clarifies. Which statement is most accurate?

                      Leave a Comment

                      Your email address will not be published. Required fields are marked *

                      Scroll to Top