EC-Council CTIA Module 4.7 Practice Test 003

This practice test covers Module 4 (Data Collection and Processing) Sub-module 7 (Threat Data Collection and Enrichment in Cloud Environments).

These questions are inspired by the EC-Council CTIA exam and are designed to help you test your knowledge of cyber threat intelligence, threats and frameworks, and other related topics. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CTIA exam.

Note: CTIA is a registered trademark of EC-Council. This content is not affiliated with or endorsed by EC-Council.

EC-Council CTIA Practice Test of the Day 260629
10 questions • Single best answer
Question 1
A CTI analyst at a SaaS company collects activity records from the cloud provider that log every API call, who made it, and from where. Which native cloud data source provides this?

Question 2
A CTI team enriches a suspicious cloud-originating IP by querying reputation services and tying it to known campaigns. Leadership asks the purpose of this enrichment in the cloud. What is it?

Question 3
An analyst notes that in a public cloud, the provider secures the infrastructure while the customer secures their data and configurations. Which concept defines this division for threat data collection?

Question 4
A security team wants to collect and correlate threat signals across multiple cloud accounts and services from one managed console offered by the provider. Which tool category best fits?

Question 5
A healthcare provider must gather flow records showing connections between cloud workloads to detect lateral movement. Which cloud telemetry source provides this network-level visibility?

Question 6
An analyst struggles to collect data from short-lived containers and serverless functions that spin up and vanish quickly. Leadership asks what makes cloud collection harder here. What is the challenge?

Question 7
A CTI team correlates cloud identity logs to spot a user assuming unusual roles and accessing resources from new regions. Which threat does this enriched cloud telemetry most directly help detect?

Question 8
An analyst ingests cloud logs into a central platform but finds each service uses different field names and formats. Which processing step is needed before correlation across services?

Question 9
A government tenant must automatically pull cloud security findings into its CTI pipeline using the provider's programmatic interface. Which mechanism enables this automated collection?

Question 10
A multi-cloud enterprise wants one consolidated view of threat data spanning several providers and on-prem systems. Which approach best supports unified cloud threat collection and enrichment?
