EC-Council CTIA Module 3.1 Practice Test 002

This practice test covers Module 3 (Planning, Direction, and Review) Sub-module 1 (Organization’s Current Threat Landscape).

These questions are inspired by the EC-Council CTIA exam and are designed to help you test your knowledge of cyber threat intelligence, threats and frameworks, and other related topics. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CTIA exam.

Note: CTIA is a registered trademark of EC-Council. This content is not affiliated with or endorsed by EC-Council.

To choose CTIA practice tests based on specific modules and sub-modules, click that link

EC-Council CTIA Module 3.1 Practice Test 002

10 questions • Single best answer

Question 1

A threat intelligence team at an insurance firm begins program planning by cataloging which systems and data would cause the greatest harm if compromised. They focus resources accordingly. What are these high-value assets commonly called?

A. Honeypots B. Decoys C. Crown jewels D. Sandboxes

Question 2

Before setting requirements, analysts assess which adversaries and attack types most realistically target their sector. This shapes program focus. What is this activity?

A. Identifying critical threats B. Buying hardware C. Writing runbooks D. Patching servers

Question 3

The team enumerates all internet-facing systems, apps, and entry points an attacker could target. The sum of these exposure points is known as what?

A. Kill chain B. Honeynet C. Threat feed D. Attack surface

Question 4

With limited resources, leadership prioritizes protecting assets whose loss would most damage operations and revenue. Which factor drives this prioritization?

A. Alphabetical order B. Business impact C. Vendor preference D. Office location

Question 5

An analyst compiles the full picture of relevant threat actors, their TTPs, and trends affecting the organization's industry. This overall view is called what?

A. The runbook B. The SIEM C. The threat landscape D. The firewall ruleset

Question 6

A hospital's program emphasizes ransomware and patient-data theft, while a bank's emphasizes fraud and wire theft. What does this difference reflect?

A. Industry-specific threat profiles B. Identical threats everywhere C. Random selection D. Vendor marketing

Question 7

Before assessing threats, the team must know what it is protecting, so it builds a complete list of systems and data. What foundational artifact is this?

A. A YARA rule B. A phishing email C. A honeypot D. An asset inventory

Question 8

The assessment includes both threats actively hitting the firm now and those forecast to grow. Including future risks makes the view what?

A. Purely historical B. Forward-looking and proactive C. Irrelevant D. Static

Question 9

Findings about top adversaries and gaps feed directly into defining what intelligence the program must produce. The landscape assessment primarily serves what next step?

A. Buying coffee B. Painting offices C. Defining intelligence requirements D. Ending the program

Question 10

Leadership weighs each threat by its likelihood and potential damage to set priorities. Combining likelihood and impact yields what measure?

A. An IoC B. A hash C. A patch D. Risk

EC-Council CTIA Module 3.1 Practice Test 002

Related Posts

Leave a Comment Cancel Reply