EC-Council CTIA Module 5.5 Practice Test 002

This practice test covers Module 5 (Data Analysis) Sub-module 5 (Fine-Tuning Threat Analysis).

These questions are inspired by the EC-Council CTIA exam and are designed to help you test your knowledge of cyber threat intelligence, threats and frameworks, and other related topics. Some questions require multiple correct answers.

These are not official exam questions or brain dumps. They are original scenario-based questions created to reflect the skills and knowledge tested in the CTIA exam.

Note: CTIA is a registered trademark of EC-Council. This content is not affiliated with or endorsed by EC-Council.

10 questions • Single best answer
Question 1
An analyst at a managed security service provider sees the SOC overwhelmed by alerts, many of which prove harmless. Leadership asks the CTI team to refine its analysis so investigations focus on real threats. What is the primary goal of fine-tuning threat analysis?

Question 2
A financial services CTI team receives a batch of IP and domain indicators from a new feed. Before acting, an analyst confirms each indicator is genuinely malicious and still relevant. Which activity is the analyst performing?

Question 3
A government agency's CTI team holds thousands of indicators but limited response capacity. The intelligence lead wants effort directed at the indicators posing the greatest risk first. Which step accomplishes this?

Question 4
A SOC supporting a retail enterprise manually reviews every indicator, causing delays. The CTI team wants repetitive validation and enrichment handled without analyst involvement. What approach best addresses this?

Question 5
A threat intelligence analyst at a cloud provider finds many low-confidence, redundant indicators cluttering the platform. To sharpen detections, the team removes indicators that add little value. This filtering primarily aims to reduce what?

Question 6
During fine-tuning, a CTI analyst assigns each indicator a rating reflecting how certain the team is of its maliciousness. Detections then weight indicators accordingly. What is the analyst applying?

Question 7
An analyst reviewing the Pyramid of Pain wants tuning efforts to cause adversaries the most disruption. The team debates which artifacts to prioritize for detection. Focusing on which element imposes the greatest cost on attackers?

Question 8
A healthcare SOC notices old indicators from a resolved campaign still triggering alerts. The CTI team periodically retires indicators that are no longer relevant. This practice is best described as what?

Question 9
After each investigation, a CTI team at a manufacturing firm documents which indicators proved accurate and feeds that insight back into its process. Over time, analysis quality steadily improves. What does this practice establish?

Question 10
A CTI program manager wants to automate enrichment, scoring, and correlation to keep tuning consistent at scale. The team must select appropriate technology to support this. Which solution is most suitable?
