EC-Council CTIA Module 2.1 Practice Test 002

This practice test covers Module 2 (Cyber Threats and Attack Frameworks) Sub-module 1 (Cyber Threats).

These questions are inspired by the EC-Council CTIA exam and are designed to help you test your knowledge of cyber threat intelligence, threats and frameworks, and other related topics. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CTIA exam.

Note: CTIA is a registered trademark of EC-Council. This content is not affiliated with or endorsed by EC-Council.

To choose CTIA practice tests based on specific modules and sub-modules, click that link

EC-Council CTIA Module 2.1 Practice Test 002

10 questions • Single best answer

Question 1

A threat analyst at a commercial bank categorizes who might attack them. One group is state-sponsored, well-funded, and pursues espionage over long periods. Which threat actor type is this?

A. Script kiddie B. Nation-state actor C. Insider error D. Natural disaster

Question 2

Reporting attributes a website defacement campaign to a group motivated by political ideology rather than profit. They seek publicity for a cause. Which actor type fits?

A. Hacktivist B. Cybercriminal C. Nation-state D. Insider

Question 3

An actor deploys ransomware purely to extort payment for personal enrichment. Money is the sole driver. Which threat actor category is this?

A. Hacktivist B. Nation-state spy C. Whistleblower D. Organized cybercriminal

Question 4

A departing employee with legitimate access copies sensitive files to sell to a competitor. The risk originates inside the organization. Which threat type is this?

A. Script kiddie B. Natural disaster C. Insider threat D. Nation-state

Question 5

An unsophisticated attacker uses prebuilt tools downloaded online without understanding them. The motive is thrill-seeking rather than profit. Which actor type is described?

A. Nation-state B. Script kiddie C. Advanced persistent threat D. Insider

Question 6

A staff member accidentally emails customer data to the wrong recipient, causing a breach with no malicious intent. Which threat category does this represent?

A. Intentional attack B. Nation-state C. Hacktivism D. Unintentional threat

Question 7

Attackers exfiltrate trade secrets from a research firm. The stolen data's secrecy is destroyed once leaked. Which security objective is primarily violated?

A. Confidentiality B. Availability C. Safety D. Redundancy

Question 8

A flood of traffic overwhelms an e-commerce site, taking it offline during peak sales. Customers cannot reach the service. Which security objective is attacked?

A. Confidentiality B. Non-repudiation C. Availability D. Integrity

Question 9

An attacker silently alters financial records in a database so totals no longer match reality. Trust in the data's accuracy is broken. Which objective is compromised?

A. Availability B. Integrity C. Confidentiality D. Redundancy

Question 10

A manager confuses terms. The potential malicious event or actor that could cause harm, independent of any weakness, is best called what?

A. A vulnerability B. A control C. An asset D. A threat

EC-Council CTIA Module 2.1 Practice Test 002

Related Posts

Leave a Comment Cancel Reply