EC-Council CTIA Module 5.2 Practice Test 003

This practice test covers Module 5 (Data Analysis) Sub-module 2 (Data Analysis Techniques).

These questions are inspired by the EC-Council CTIA exam and are designed to help you test your knowledge of cyber threat intelligence, threats and frameworks, and other related topics. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CTIA exam.

Note: CTIA is a registered trademark of EC-Council. This content is not affiliated with or endorsed by EC-Council.

To choose CTIA practice tests based on specific modules and sub-modules, click that link

EC-Council CTIA Practice Test of the Day 260629

10 questions • Single best answer

Question 1

A CTI analyst lists every plausible explanation for an intrusion, then systematically scores each against the evidence to find the one with the least disconfirming data. Which structured technique is this?

A. Analysis of Competing Hypotheses B. Brainstorming C. Pyramid of Pain D. Cyber Kill Chain

Question 2

An analyst applying ACH is taught to focus on evidence that argues against each hypothesis rather than evidence that supports it. Leadership asks why this emphasis is used. What is the reason?

A. It speeds up data collection B. It encrypts the evidence C. It reduces analyst bias D. It eliminates all hypotheses

Question 3

A SOC team uses software to record hypotheses, evidence, and consistency ratings in a shared matrix for collaborative review. Which technique does this tooling support?

A. Port scanning B. Structured Analysis of Competing Hypotheses C. Disk imaging D. Log rotation

Question 4

An analyst plots incident counts over twelve months and spots a steady upward movement in phishing attempts. Which analytic output describes this directional pattern over time?

A. A hash value B. A firewall rule C. A trend D. A honeypot

Question 5

A threat analyst groups similar events by shared attributes to reveal that many alerts trace to one campaign. Which technique organizes data into related groups?

A. Clustering B. Encryption C. Tokenization D. Sandboxing

Question 6

An analyst challenges the team's leading conclusion by deliberately arguing the opposing case to expose weak assumptions. Which structured analytic technique is being applied?

A. Data normalization B. Patch management C. Load testing D. Devil's advocacy

Question 7

A healthcare CTI team feeds large labeled datasets into algorithms that learn to flag malicious patterns automatically. Which analytic approach are they leveraging?

A. Manual triage only B. Paper-based review C. Machine learning D. Physical surveillance

Question 8

An analyst builds a visual map linking actors, infrastructure, and victims with connecting lines to expose hidden relationships. Which technique presents data this way?

A. Regression testing B. Link analysis C. Fuzzing D. Log compression

Question 9

A CTI lead notes that structured techniques like ACH are valuable mainly because they make reasoning explicit and repeatable. Leadership asks the chief benefit of such structured methods. What is it?

A. They remove the need for data B. They guarantee correct conclusions C. They hide analyst reasoning D. They reduce bias and improve rigor

Question 10

An analyst flags a data point that deviates sharply from the expected pattern, such as a single huge data transfer at 3 a.m. Which analytic finding does this represent?

A. An anomaly B. A baseline C. A signature D. A checksum

EC-Council CTIA Module 5.2 Practice Test 003

Related Posts

Leave a Comment Cancel Reply