EC-Council CTIA Module 6.9 Practice Test 002

By /

This practice test covers Module 6 (Intelligence Reporting and Dissemination) Sub-module 9 (Threat Intelligence Sharing and Collaboration using Python Scripting).

These questions are inspired by the EC-Council CTIA exam and are designed to help you test your knowledge of cyber threat intelligence, threats and frameworks, and other related topics. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CTIA exam.

Note: CTIA is a registered trademark of EC-Council. This content is not affiliated with or endorsed by EC-Council.

To choose CTIA practice tests based on specific modules and sub-modules, click that link

EC-Council CTIA Module 6.9 Practice Test 002
10 questions • Single best answer
Question 1
A SOC automation engineer at an MSSP writes a Python script that automatically forwards newly confirmed indicators to partner organizations. The team wants the output to be machine-readable across different tools. Which standardized representation should the script produce?
    Question 2
    An analyst develops a Python client that retrieves shared threat content from a partner's intelligence server. The exchange relies on a protocol built specifically for moving threat content between organizations. What is this protocol's primary function?
      Question 3
      A CTI developer scripts automated pulls of indicators from a widely used open-source platform through its API. The platform supports correlation and community sharing of IoCs. Which platform is being used?
        Question 4
        A threat hunter writes a script that flags a malware family using distinctive strings and byte sequences in files. She wants to share the detection logic in a format built for identifying and classifying malware. Which format fits?
          Question 5
          A development team integrates threat sharing into their pipeline using a dedicated Python library that wraps a popular sharing platform's API. The library lets them create events and push indicators programmatically. Which library are they most likely using?
            Question 6
            An analyst writes Python code to ingest a threat feed delivered over the web. The feed returns lightweight, human-readable structured text that the script parses directly into objects. Which data format is most likely being consumed?
              Question 7
              A CTI lead designs a sharing arrangement where one central organization collects intelligence and redistributes it to all members. Members do not exchange directly with each other. Which sharing model is described?
                Question 8
                A program manager clarifies team terminology. She notes that producing and packaging the finished report is one step, while delivering it to the right consumers is another. What term describes delivering intelligence to its intended audience?
                  Question 9
                  A compliance officer advises the CTI team on the U.S. law that encourages voluntary exchange of cyber threat indicators between private companies and the government, offering liability protections. Which law is being referenced?
                    Question 10
                    An engineer automates outbound sharing so confirmed indicators reach partners within seconds instead of manual emails sent hours later. What is the main advantage of scripting threat intelligence sharing this way?
                      Answered: 0/10

                      Related Posts

                      Leave a Comment

                      Your email address will not be published. Required fields are marked *

                      Scroll to Top