EC-Council CTIA Module 3.5 Practice Test 002

By /

This practice test covers Module 3 (Planning, Direction, and Review) Sub-module 5 (Build a Threat Intelligence Team).

These questions are inspired by the EC-Council CTIA exam and are designed to help you test your knowledge of cyber threat intelligence, threats and frameworks, and other related topics. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CTIA exam.

Note: CTIA is a registered trademark of EC-Council. This content is not affiliated with or endorsed by EC-Council.

To choose CTIA practice tests based on specific modules and sub-modules, click that link

EC-Council CTIA Module 3.5 Practice Test 002
10 questions • Single best answer
Question 1
A hospital network's CISO is forming its first dedicated CTI unit and must decide what comes before recruiting personnel. The unit's purpose and deliverables remain vague. What should leadership clarify first?
    Question 2
    An MSSP is staffing a new intelligence cell and reviewing candidate qualifications. Managers debate which competency matters most for turning technical findings into briefings for non-technical clients. Which capability is most relevant?
      Question 3
      A government agency's intelligence director evaluates applicants for analyst positions. He wants individuals who can weigh competing hypotheses and avoid bias when interpreting fragmented data. Which trait is he prioritizing?
        Question 4
        A critical infrastructure operator maps out who will use the CTI team's outputs versus who creates them. Executives receiving strategic briefings fall into one category. What is this group called?
          Question 5
          A regional retailer with a limited security budget is establishing its first CTI function. The manager worries that over-hiring will strain resources without delivering clear value. What approach best fits?
            Question 6
            An incident response team lead is recruiting an intelligence specialist who can interpret malware behavior and network artifacts during investigations. Which background is most essential for this role?
              Question 7
              A financial services firm struggles to retain CTI analysts who feel their skills stagnate. The team lead seeks a sustainable way to keep staff engaged and capable as threats evolve. What should she invest in?
                Question 8
                A CTI program defines responsibilities so members know their function. One subgroup gathers raw data, analyzes it, and creates finished intelligence for stakeholders. What are these members?
                  Question 9
                  An organization lacking internal expertise considers whether to build capabilities internally or contract a third party for intelligence services. Leadership weighs cost, control, and speed to maturity. Which model trades direct control for faster capability?
                    Question 10
                    A threat intelligence manager notes analysts must coordinate with SOC, IR, and risk teams daily. He emphasizes one interpersonal quality that ensures intelligence is shared effectively across these groups. Which quality is he stressing?
                      Answered: 0/10

                      Related Posts

                      Leave a Comment

                      Your email address will not be published. Required fields are marked *

                      Scroll to Top