EC-Council CTIA Module 1.3 Practice Test 002

This practice test covers Module 1 (Introduction to Threat Intelligence) Sub-module 3 (Intelligence Lifecycle and Frameworks).

These questions are inspired by the EC-Council CTIA exam and are designed to help you test your knowledge of cyber threat intelligence, threats and frameworks, and other related topics. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CTIA exam.

Note: CTIA is a registered trademark of EC-Council. This content is not affiliated with or endorsed by EC-Council.

To choose CTIA practice tests based on specific modules and sub-modules, click that link

EC-Council CTIA Module 1.3 Practice Test 002

10 questions • Single best answer

Question 1

A new program at a federal agency begins by defining stakeholder needs and key questions before any data is gathered. The manager calls this the foundation phase. Which lifecycle phase is described?

A. Planning and direction B. Collection C. Dissemination D. Processing

Question 2

After requirements are set, a team gathers OSINT, feeds, and internal logs relevant to the questions. No interpretation happens at this stage. Which phase are they in?

A. Analysis B. Dissemination C. Feedback D. Collection

Question 3

Raw gathered data arrives in many formats and languages, much of it noise. Before interpretation, analysts normalize, translate, and filter it. Which phase does this describe?

A. Collection B. Processing and exploitation C. Dissemination D. Direction

Question 4

Processed data is now interpreted to answer the original questions and produce contextual judgments. The output becomes a usable product. Which phase is this?

A. Collection B. Planning C. Analysis and production D. Feedback

Question 5

The finished report is delivered to executives and SOC consumers in formats suited to each. Distribution channels matter at this point. Which lifecycle phase covers this delivery?

A. Dissemination B. Processing C. Collection D. Requirements

Question 6

After delivery, stakeholders tell the team which products helped and which questions remain open. This input refines the next cycle. Which phase captures this?

A. Collection B. Analysis C. Processing D. Feedback

Question 7

A program manager sketches the lifecycle and asks which phase immediately follows gathering raw data. The answer prepares that data for interpretation. Which phase comes next?

A. Dissemination B. Processing C. Feedback D. Direction

Question 8

A CISO assesses how advanced the capability is, from ad hoc and reactive to optimized and proactive. She uses a tiered scale for this evaluation. Which tool is she applying?

A. Diamond Model B. Cyber Kill Chain C. Threat intelligence maturity model D. MoSCoW method

Question 9

Before building the program, leadership defines long-term goals, scope, and how intelligence aligns with business objectives. This high-level plan guides all activity. What is being defined?

A. Threat intelligence strategy B. A YARA rule C. An IoC feed D. A runbook

Question 10

An analyst notes the lifecycle does not end at delivery but loops back as new requirements emerge from consumer input. The process repeats indefinitely. This characteristic is best described as what?

A. Linear and one-time B. Strictly final C. Random and unordered D. Cyclical and continuous

EC-Council CTIA Module 1.3 Practice Test 002

Related Posts

Leave a Comment Cancel Reply