EC-Council CTIA Module 8.2 Practice Test 002

This practice test covers Module 8 (Threat Intelligence in SOC Operations, Incident Response, and Risk Management) Sub-module 2 (Threat Intelligence in Risk Management).

These questions are inspired by the EC-Council CTIA exam and are designed to help you test your knowledge of cyber threat intelligence, threats and frameworks, and other related topics. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CTIA exam.

Note: CTIA is a registered trademark of EC-Council. This content is not affiliated with or endorsed by EC-Council.

10 questions • Single best answer
Question 1
A risk management team at a healthcare provider integrates external threat feeds into its periodic risk reviews. They want intelligence to improve one specific input to their risk calculations. Which factor does threat intelligence most directly inform?

Question 2
An enterprise GRC analyst begins the risk management cycle by cataloging threats that could affect critical systems. Intelligence on active adversaries targeting the sector is fed in at this earliest stage. Which step does this describe?

Question 3
A risk committee briefs the board on long-term cyber exposure tied to geopolitical tensions and sector-wide campaigns. They request intelligence aligned to high-level business and investment decisions. Which type of threat intelligence best fits?

Question 4
After applying controls informed by threat intelligence, a financial firm measures the exposure that still remains. Analysts must report this remaining level to leadership. What is this called?

Question 5
A CISO defines the maximum amount of cyber risk the organization is willing to tolerate while pursuing its goals. Threat intelligence later verifies that exposure stays within this boundary. What is this predefined threshold?

Question 6
Threat intelligence flags a high-likelihood threat against a legacy system scheduled for retirement soon. Leadership chooses to formally tolerate the exposure rather than fund new controls. Which risk treatment is this?

Question 7
A manufacturer uses threat intelligence to quantify ransomware exposure, then buys a cyber insurance policy to shift potential financial loss to a third party. Leadership wants the burden carried elsewhere. Which risk treatment strategy is this?

Question 8
During planning, a junior analyst confuses two security functions. The lead clarifies that using intelligence to assess and prioritize potential future exposure, rather than reacting to an active breach, defines one discipline. Which one is it?

Question 9
A GRC team maintains a central document listing identified threats with their likelihood, impact, owners, and treatment status. It is continuously updated with new threat intelligence. What is this artifact called?

Question 10
A cloud-services provider feeds real-time threat intelligence into its risk program. Shifts in adversary activity automatically trigger reassessment of previously scored risks. Which ongoing risk activity does this support?
