EC-Council CTIA Module 3.5 Practice Test 003

This practice test covers Module 3 (Planning, Direction, and Review) Sub-module 5 (Build a Threat Intelligence Team).

These questions are inspired by the EC-Council CTIA exam and are designed to help you test your knowledge of cyber threat intelligence, threats and frameworks, and other related topics. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CTIA exam.

Note: CTIA is a registered trademark of EC-Council. This content is not affiliated with or endorsed by EC-Council.

To choose CTIA practice tests based on specific modules and sub-modules, click that link

EC-Council CTIA Practice Test of the Day 260628

10 questions • Single best answer

Question 1

A program lead at a pharmaceutical company is staffing a new intelligence function. They define the skills, roles, and headcount needed before recruiting. What activity is the lead performing?

A. Disseminating intelligence B. Building the threat intelligence team C. Writing detection signatures D. Collecting raw feeds

Question 2

The lead seeks a specialist who reverse-engineers malicious code to extract indicators and behaviors. They define this role for the team. Which role best fits this need?

A. Malware analyst B. Program sponsor C. Executive stakeholder D. Compliance auditor

Question 3

When defining team competencies, the lead lists analytical reasoning, technical knowledge, and communication ability as essential. They need a term for this combined set. What is it called?

A. An incident report B. A sharing agreement C. The required skill set D. A delivery mechanism

Question 4

The lead must decide whether to hire experienced analysts externally or develop existing staff internally. Both options carry trade-offs in cost and time. What decision is the lead facing?

A. Choosing a SIEM vendor B. Selecting an indicator format C. Writing rules of engagement D. Build-versus-buy staffing

Question 5

A new team needs someone to set direction, manage stakeholders, and report value to executives. The lead defines this leadership role. Which position fits this responsibility?

A. Threat intelligence program manager B. Threat actor C. Junior data-entry clerk D. External sharing partner

Question 6

The lead assigns one analyst to focus on adversary behaviors and long-term trends, and another to push real-time indicators to the SOC. What principle is the lead applying?

A. Eliminating all analyst roles B. Specialization of team functions C. Outsourcing the entire team D. Removing management support

Question 7

Leadership asks why a multidisciplinary team outperforms a single generalist analyst. The lead explains the benefit. What is the main advantage of a diverse team?

A. It guarantees zero breaches B. It removes the need for tools C. It covers a broader range of skills and threats D. It eliminates the requirements phase

Question 8

The lead defines who reports to whom and how analysts coordinate with the SOC and incident response. They formalize these reporting lines. What is the lead establishing?

A. An indicator feed B. The team structure and reporting lines C. A malware sandbox D. A YARA rule

Question 9

An analyst on the team must convey findings clearly to both technical responders and non-technical executives. The lead lists this as a core competency. Which skill is being emphasized?

A. Communication skills B. Lock-picking C. Physical surveillance D. Hardware soldering

Question 10

Before recruiting, the lead writes a description of duties, required experience, and reporting relationships for each open position. They need a name for this document. What is it?

A. A dissemination plan B. An indicator of compromise C. A sharing community D. A role definition

EC-Council CTIA Module 3.5 Practice Test 003

Related Posts

Leave a Comment Cancel Reply