EC-Council CTIA Module 1.5 Practice Test 002

This practice test covers Module 1 (Introduction to Threat Intelligence) Sub-module 5 (Threat Intelligence in the Cloud Environment).

These questions are inspired by the EC-Council CTIA exam and are designed to help you test your knowledge of cyber threat intelligence, threats and frameworks, and other related topics. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CTIA exam.

Note: CTIA is a registered trademark of EC-Council. This content is not affiliated with or endorsed by EC-Council.

To choose CTIA practice tests based on specific modules and sub-modules, click that link

EC-Council CTIA Module 1.5 Practice Test 002

10 questions • Single best answer

Question 1

A security team migrating workloads to a public cloud asks how intelligence applies differently there. The lead stresses cloud-specific risks like misconfigurations and API abuse. What model defines who secures what between provider and customer?

A. Zero trust model B. Kill chain C. Shared responsibility model D. Diamond model

Question 2

Intelligence repeatedly flags exposed storage buckets as the top cause of cloud data leaks at peer firms. The team prioritizes this risk. Which cloud threat is highlighted?

A. Misconfiguration B. Physical theft C. Cable tapping D. BIOS rootkit

Question 3

A firm needs visibility and policy enforcement for data moving between users and cloud apps, informed by intelligence. Which security tool sits between users and cloud services to enforce this?

A. WAF B. IDS C. HSM D. CASB

Question 4

Intelligence warns that stolen cloud credentials are being used to take over tenant accounts and pivot. The team adds MFA and monitoring. Which cloud threat does this address?

A. DDoS B. Account hijacking C. SQL injection D. Firmware tampering

Question 5

Threat reporting shows attackers abusing weakly authenticated cloud service interfaces to extract data programmatically. The team hardens these interfaces. Which cloud risk is this?

A. Tailgating B. Dumpster diving C. Insecure APIs D. Shoulder surfing

Question 6

Rather than only external feeds, the team consumes native threat detections and findings from its cloud provider's own security services. What is this source?

A. Provider-native threat intelligence B. Dark web forum C. Physical guard logs D. Printer telemetry

Question 7

Under the cloud model, the provider secures the underlying infrastructure, but configuration and data protection remain with whom?

A. The provider alone B. No one C. The regulator D. The customer

Question 8

Intelligence notes that flaws allowing one tenant to access another's data are a unique concern in shared cloud infrastructure. Which characteristic creates this risk?

A. Air-gapping B. Multi-tenancy C. On-prem isolation D. Single tenancy

Question 9

Analysts collect indicators specific to cloud workloads, such as anomalous API calls and unusual IAM role usage. These cloud-native artifacts guide detection. What are these called?

A. Physical access logs B. Network cable taps C. Cloud indicators of compromise D. Building badge records

Question 10

By applying intelligence to its cloud environment, a firm detects threats faster and prioritizes cloud-specific risks before exploitation. What is the core value here?

A. Proactive cloud threat detection B. Eliminating all cloud cost C. Removing the provider's role D. Disabling all APIs

EC-Council CTIA Module 1.5 Practice Test 002

Related Posts

Leave a Comment Cancel Reply