EC-Council CTIA Module 8.2 Practice Test 001

By /

This practice test covers Module 8 (Threat Intelligence in SOC Operations, Incident Response, and Risk Management) Sub-module 2 (Threat Intelligence in Risk Management).

These questions are inspired by the EC-Council CTIA exam and are designed to help you test your knowledge of cyber threat intelligence, threats and frameworks, and other related topics. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CTIA exam.

Note: CTIA is a registered trademark of EC-Council. This content is not affiliated with or endorsed by EC-Council.

To choose CTIA practice tests based on specific modules and sub-modules, click that link

EC-Council CTIA Module 8.2 Practice Test 001
10 questions • Single best answer
Question 1
A manufacturing firm's risk committee bases cyber risk scores on outdated assumptions about likely attacks. The CTI lead offers current adversary data to ground these estimates in evidence. How does threat intelligence improve risk management?
    Question 2
    A risk analyst combines the likelihood of a threat exploiting a weakness with the business impact if it does. An instructor asks what fundamental risk equation this reflects. Which is correct?
      Question 3
      A CTI team provides intelligence showing a threat actor actively targeting the organization's specific industry and technologies. A risk manager asks how this most directly affects the risk register. Which answer is most accurate?
        Question 4
        After threat intelligence elevates the risk of a ransomware campaign, leadership chooses to invest in offline backups and segmentation. A risk manager asks which risk treatment option this represents. Which is correct?
          Question 5
          A risk team uses strategic threat intelligence about long-term adversary trends to guide multi-year security investment planning. An analyst asks which intelligence tier best informs this executive-level risk planning. Which is correct?
            Question 6
            A risk manager wants intelligence to help focus limited budget on the threats most likely to cause severe business harm. An analyst asks what this intelligence-driven approach to risk primarily enables. Which answer is most accurate?
              Question 7
              A CTI team feeds continuous threat updates into the risk process so assessments reflect the changing threat landscape rather than a single annual snapshot. A manager asks what this continuous input makes the risk process. Which answer is most accurate?
                Question 8
                A risk committee decides to purchase cyber insurance to offset potential losses from a threat intelligence highlights as severe but unlikely. An analyst asks which risk treatment this choice represents. Which is correct?
                  Question 9
                  A risk analyst maps intelligence about adversary capabilities to the organization's known vulnerabilities to see where exposure is greatest. A manager asks what this mapping primarily produces. Which answer is most accurate?
                    Question 10
                    An executive asks the CTI team to express cyber risk in business terms, such as potential financial and operational impact, rather than purely technical detail. An analyst asks why this framing matters for risk management. Which answer is most accurate?
                      Answered: 0/10

                      Related Posts

                      Leave a Comment

                      Your email address will not be published. Required fields are marked *

                      Scroll to Top