312-85 Certified Threat Intelligence Analyst (CTIA) exam is a specialist level training and certification that provides security professionals with a structured approach for acquiring threat intelligence. Passcert provides the latest Certified Threat Intelligence Analyst (CTIA) 312-85 Dumps which contain real questions and answers that are helpful for you to clear the 312-85 Certified Threat Intelligence Analyst Exam. Each of the information are extremely uniquely organized within the Certified Threat Intelligence Analyst (CTIA) 312-85 Dumps so you are going to improve your degree of preparation and take the Certified Threat Intelligence Analyst (CTIA) exam confidently. It will guide you how to pass your EC-Council 312-85 exam successfully.

Certified Threat Intelligence Analyst (CTIA) from EC-Council is a credentialing certification and training program. This highly valued certification has been exclusively devised in collaboration with threat intelligence and cybersecurity experts worldwide to empower organizations effectively to identify and mitigate security risks with extensive processing and analysis of available threat information. The CTIA is a specialist level training and certification that demonstrates security professionals the structured approach to acquiring threat intelligence. The CTIA certified candidates attain a competitive edge over other information security professionals. This threat intelligence certification course delivers standards-based, intensive practical skills to the most essentially required threat intelligence across information security.

Certified Threat Intelligence Analyst (CTIA) is designed and developed in collaboration with cybersecurity and threat intelligence experts across the globe to help organizations identify and mitigate business risks by converting unknown internal and external threats into known threats. It is a comprehensive, specialist-level program that teaches a structured approach for building effective threat intelligence.

Number of Questions: 50

Duration: 2 hours

Availability: EC-Council Exam Portal

Test Format: Multiple Choice

Passing Score: 70%

Introduction to Threat Intelligence

Cyber Threats and Kill Chain Methodology

Requirements, Planning, Direction, and Review

Data Collection and Processing

Data Analysis

Intelligence Reporting and Dissemination

1.Which of the following components refers to a node in the network that routes the traffic from a workstation to external command and control server and helps in identification of installed malware in the network?

A. Repeater

B. Gateway

C. Hub

D. Network interface card (NIC)

Answer: B

2.Which of the following characteristics of APT refers to numerous attempts done by the attacker to gain entry to the target’s network?

A. Risk tolerance

B. Timeliness

C. Attack origination points

D. Multiphased

Answer: C

3.Moses, a threat intelligence analyst at InfoTec Inc., wants to find crucial information about the potential threats the organization is facing by using advanced Google search operators. He wants to identify whether any fake websites are hosted at the similar to the organization’s URL.

Which of the following Google search queries should Moses use?

A. related: www.infothech.org

B. info: www.infothech.org

C. link: www.infothech.org

D. cache: www.infothech.org

Answer: A

4.Henry. a threat intelligence analyst at ABC Inc., is working on a threat intelligence program. He was assigned to work on establishing criteria for prioritization of intelligence needs and requirements.

Which of the following considerations must be employed by Henry to prioritize intelligence requirements?

A. Understand frequency and impact of a threat

B. Understand data reliability

C. Develop a collection plan

D. Produce actionable data

Answer: A

5.During the process of threat intelligence analysis, John, a threat analyst, successfully extracted an indication of adversary’s information, such as Modus operandi, tools, communication channels, and forensics evasion strategies used by adversaries.

Identify the type of threat intelligence analysis is performed by John.

A. Operational threat intelligence analysis

B. Technical threat intelligence analysis

C. Strategic threat intelligence analysis

D. Tactical threat intelligence analysis

Answer: D

6.An attacker instructs bots to use camouflage mechanism to hide his phishing and malware delivery locations in the rapidly changing network of compromised bots. In this particular technique, a single domain name consists of multiple IP addresses.

Which of the following technique is used by the attacker?

A. DNS zone transfer

B. Dynamic DNS

C. DNS interrogation

D. Fast-Flux DNS

Answer: D

7.A team of threat intelligence analysts is performing threat analysis on malware, and each of them has come up with their own theory and evidence to support their theory on a given malware.

Now, to identify the most consistent theory out of all the theories, which of the following analytic processes must threat intelligence manager use?

A. Threat modelling

B. Application decomposition and analysis (ADA)

C. Analysis of competing hypotheses (ACH)

D. Automated technical analysis

Answer: C

8.Alice, an analyst, shared information with security operation managers and network operations center (NOC) staff for protecting the organizational resources against various threats. Information shared by Alice was highly technical and include threat actor TTPs, malware campaigns, tools used by threat actors, and so on.

Which of the following types of threat intelligence was shared by Alice?

A. Strategic threat intelligence

B. Tactical threat intelligence

C. Technical threat intelligence

D. Operational threat intelligence

Answer: C