New Year Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70special

ECCouncil 312-85 Certified Threat Intelligence Analyst (CTIA) Exam Practice Test

Page: 1 / 5
Total 50 questions

Certified Threat Intelligence Analyst (CTIA) Questions and Answers

Testing Engine

  • Product Type: Testing Engine
$37.5  $124.99

PDF Study Guide

  • Product Type: PDF Study Guide
$33  $109.99
Question 1

Michael, a threat analyst, works in an organization named TechTop, was asked to conduct a cyber-threat intelligence analysis. After obtaining information regarding threats, he has started analyzing the information and understanding the nature of the threats.

What stage of the cyber-threat intelligence is Michael currently in?

Options:

A.

Unknown unknowns

B.

Unknowns unknown

C.

Known unknowns

D.

Known knowns

Question 2

A threat analyst wants to incorporate a requirement in the threat knowledge repository that provides an ability to modify or delete past or irrelevant threat data.

Which of the following requirement must he include in the threat knowledge repository to fulfil his needs?

Options:

A.

Protection ranking

B.

Evaluating performance

C.

Data management

D.

Searchable functionality

Question 3

An XYZ organization hired Mr. Andrews, a threat analyst. In order to identify the threats and mitigate the effect of such threats, Mr. Andrews was asked to perform threat modeling. During the process of threat modeling, he collected important information about the treat actor and characterized the analytic behavior of the adversary that includes technological details, goals, and motives that can be useful in building a strong countermeasure.

What stage of the threat modeling is Mr. Andrews currently in?

Options:

A.

System modeling

B.

Threat determination and identification

C.

Threat profiling and attribution

D.

Threat ranking

Question 4

Which of the following types of threat attribution deals with the identification of the specific person, society, or a country sponsoring a well-planned and executed intrusion or attack over its target?

Options:

A.

Nation-state attribution

B.

True attribution

C.

Campaign attribution

D.

Intrusion-set attribution

Question 5

Jame, a professional hacker, is trying to hack the confidential information of a target organization. He identified the vulnerabilities in the target system and created a tailored deliverable malicious payload using an exploit and a backdoor to send it to the victim.

Which of the following phases of cyber kill chain methodology is Jame executing?

Options:

A.

Reconnaissance

B.

Installation

C.

Weaponization

D.

Exploitation

Question 6

Tracy works as a CISO in a large multinational company. She consumes threat intelligence to understand the changing trends of cyber security. She requires intelligence to understand the current business trends and make appropriate decisions regarding new technologies, security budget, improvement of processes, and staff. The intelligence helps her in minimizing business risks and protecting the new technology and business initiatives.

Identify the type of threat intelligence consumer is Tracy.

Options:

A.

Tactical users

B.

Strategic users

C.

Operational users

D.

Technical users

Question 7

What is the correct sequence of steps involved in scheduling a threat intelligence program?

1. Review the project charter

2. Identify all deliverables

3. Identify the sequence of activities

4. Identify task dependencies

5. Develop the final schedule

6. Estimate duration of each activity

7. Identify and estimate resources for all activities

8. Define all activities

9. Build a work breakdown structure (WBS)

Options:

A.

1-->9-->2-->8-->3-->7-->4-->6-->5

B.

3-->4-->5-->2-->1-->9-->8-->7-->6

C.

1-->2-->3-->4-->5-->6-->9-->8-->7

D.

1-->2-->3-->4-->5-->6-->7-->8-->9

Question 8

Karry, a threat analyst at an XYZ organization, is performing threat intelligence analysis. During the data collection phase, he used a data collection method that involves no participants and is purely based on analysis and observation of activities and processes going on within the local boundaries of the organization.

Identify the type data collection method used by the Karry.

Options:

A.

Active data collection

B.

Passive data collection

C.

Exploited data collection

D.

Raw data collection

Question 9

Which of the following components refers to a node in the network that routes the traffic from a workstation to external command and control server and helps in identification of installed malware in the network?

Options:

A.

Repeater

B.

Gateway

C.

Hub

D.

Network interface card (NIC)

Question 10

Walter and Sons Company has faced major cyber attacks and lost confidential data. The company has decided to concentrate more on the security rather than other resources. Therefore, they hired Alice, a threat analyst, to perform data analysis. Alice was asked to perform qualitative data analysis to extract useful information from collected bulk data.

Which of the following techniques will help Alice to perform qualitative data analysis?

Options:

A.

Regression analysis, variance analysis, and so on

B.

Numerical calculations, statistical modeling, measurement, research, and so on.

C.

Brainstorming, interviewing, SWOT analysis, Delphi technique, and so on

D.

Finding links between data and discover threat-related information

Question 11

Cybersol Technologies initiated a cyber-threat intelligence program with a team of threat intelligence analysts. During the process, the analysts started converting the raw data into useful information by applying various techniques, such as machine-based techniques, and statistical methods.

In which of the following phases of the threat intelligence lifecycle is the threat intelligence team currently working?

Options:

A.

Dissemination and integration

B.

Planning and direction

C.

Processing and exploitation

D.

Analysis and production

Question 12

In which of the following storage architecture is the data stored in a localized system, server, or storage hardware and capable of storing a limited amount of data in its database and locally available for data usage?

Options:

A.

Distributed storage

B.

Object-based storage

C.

Centralized storage

D.

Cloud storage

Question 13

Lizzy, an analyst, wants to recognize the level of risks to the organization so as to plan countermeasures against cyber attacks. She used a threat modelling methodology where she performed the following stages:

Stage 1: Build asset-based threat profiles

Stage 2: Identify infrastructure vulnerabilities

Stage 3: Develop security strategy and plans

Which of the following threat modelling methodologies was used by Lizzy in the aforementioned scenario?

Options:

A.

TRIKE

B.

VAST

C.

OCTAVE

D.

DREAD

Question 14

In which of the following attacks does the attacker exploit vulnerabilities in a computer application before the software developer can release a patch for them?

Options:

A.

Active online attack

B.

Zero-day attack

C.

Distributed network attack

D.

Advanced persistent attack

Question 15

SecurityTech Inc. is developing a TI plan where it can drive more advantages in less funds. In the process of selecting a TI platform, it wants to incorporate a feature that ranks elements such as intelligence sources, threat actors, attacks, and digital assets of the organization, so that it can put in more funds toward the resources which are critical for the organization’s security.

Which of the following key features should SecurityTech Inc. consider in their TI plan for selecting the TI platform?

Options:

A.

Search

B.

Open

C.

Workflow

D.

Scoring

Page: 1 / 5
Total 50 questions