01. In which of the following attacks does the attacker exploit vulnerabilities in a computer application before the software developer can release a patch for them?
a) Active online attack
b) Zero-day attack
c) Distributed network attack
d) Advanced persistent attack
02. A network administrator working in an ABC organization collected log files generated by a traffic monitoring system. The logs may not seem to contain useful information, but after he performs proper analysis, the same information can be used to detect an attack in the network.
Which of the following categories of threat information has he collected?
a) Advisories
b) Strategic reports
c) Detection indicators
d) Low-level data
03. Daniel is a professional hacker whose aim is to attack a system to steal data and money for profit. He performs hacking to obtain confidential data such as social security numbers, personally identifiable information (PII) of an employee, and credit card information.
After obtaining confidential data, he further sells the information on the black market to make money. Daniel comes under which of the following types of threat actor?
a) Industrial spies
b) State-sponsored hackers
c) Insider threat
d) Organized hackers
04. Bob, a threat analyst, works in an organization named TechTop. He was asked to collect intelligence to fulfil the needs and requirements of the Red Team present within the organization. Which of the following are the needs of a Red Team?
a) Intelligence related to increased attacks targeting a particular software or operating system vulnerability
b) Intelligence on latest vulnerabilities, threat actors, and their tactics, techniques, and procedures (TTPs)
c) Intelligence extracted from analysis of the latest attacks on similar organizations, which includes details about the latest threats and TTPs
d) Intelligence that reveals risks related to various strategic business decisions
05. Cybersol Technologies initiated a cyber-threat intelligence program with a team of threat intelligence analysts. During the process, the analysts started converting the raw data into useful information by applying various techniques, such as machine-based techniques and statistical methods.
In which of the following phases of the threat intelligence lifecycle is the threat intelligence team currently working?
a) Dissemination and integration
b) Planning and direction
c) Processing and exploitation
d) Analysis and production
06. Which of the following characteristics of APT refers to the persistence and repeated attempts made by the attacker to gain entry to the target’s network?
a) Risk tolerance
b) Timeliness
c) Persistence
d) Multiphased
07. During the process of threat intelligence analysis, John, a threat analyst, successfully extracted an indication of the adversary’s information, such as modus operandi, tools, communication channels, and forensics evasion strategies used by adversaries.
Identify the type of threat intelligence analysis performed by John.
a) Operational threat intelligence analysis
b) Technical threat intelligence analysis
c) Strategic threat intelligence analysis
d) Tactical threat intelligence analysis
08. Which of the following types of threat attribution deals with the identification of the specific person, society, or a country sponsoring a well-planned and executed intrusion or attack over its target?
a) Nation-state attribution
b) True attribution
c) Campaign attribution
d) Intrusion-set attribution
09. Jian is a member of the security team at Trinity, Inc. He was conducting a real-time assessment of system activities in order to acquire threat intelligence feeds. He acquired feeds from sources like honeynets, P2P monitoring, infrastructure, and application logs.
Which of the following categories of threat intelligence feed was acquired by Jian?
a) Internal intelligence feeds
b) External intelligence feeds
c) CSV data feeds
d) Proactive surveillance feeds
10. In terms of conducting data correlation using statistical data analysis, which data correlation technique is a nonparametric analysis that measures the degree of relationship between two variables?
a) Pearson’s Correlation Coefficient
b) Spearman’s Rank Correlation Coefficient
c) Kendall’s Rank Correlation Coefficient
d) Einstein-Musk Growth Correlation Coefficient