EC-Council 312-85 Certified Threat Intelligence Analyst Practice Test - Set 1

Test your knowledge with this EC-Council 312-85 Certified Threat Intelligence Analyst mock exam. Get real-world IT questions and prepare for certification success.

312-85: Certified Threat Intelligence Analyst (C|TIA) - Exam Information

Exam Code: EC-Council 312-85 Certified Threat Intelligence Analyst
Exam Title: 312-85: Certified Threat Intelligence Analyst (C|TIA)
Vendor: EC-Council
Difficulty: Advanced
Duration: 3 Hours
Question Format: Multiple Choice
Last Updated: March 8, 2025

The 312-85 exam certifies skills in cyber threat intelligence gathering and analysis.

Practice Test

1. What is the primary purpose of threat intelligence?

Understanding and mitigating cyber threats
Blocking all network traffic
Scanning for open ports
Configuring antivirus software

2. Which type of threat intelligence focuses on immediate, actionable information?

Tactical
Strategic
Operational
Technical

3. What is the primary goal of strategic threat intelligence?

To inform long-term decision-making
To block network traffic
To scan for vulnerabilities
To configure firewalls

4. Which framework is commonly used for threat intelligence sharing?

STIX
MITRE ATT&CK
NIST CSF
ISO 27001

5. What is the purpose of the MITRE ATT&CK framework?

To model adversary tactics and techniques
To block network traffic
To scan for vulnerabilities
To configure firewalls

6. Which type of threat intelligence is derived from internal logs and monitoring?

Internal
External
Open Source
Closed Source

7. What is the primary purpose of a Threat Intelligence Platform (TIP)?

To aggregate and analyze threat data
To block network traffic
To scan for vulnerabilities
To configure firewalls

8. Which type of threat intelligence is obtained from publicly available sources?

Open Source
Internal
Closed Source
Proprietary

9. What is the primary goal of operational threat intelligence?

To support day-to-day security operations
To block network traffic
To scan for vulnerabilities
To configure firewalls

10. Which tool is commonly used for analyzing malware in threat intelligence?

Cuckoo Sandbox
Wireshark
Nmap
Metasploit

11. What is the purpose of the Diamond Model in threat intelligence?

To analyze cyber threats and adversaries
To block network traffic
To scan for vulnerabilities
To configure firewalls

12. Which type of threat intelligence is focused on specific industries or sectors?

Sector-Specific
Tactical
Strategic
Operational

13. What is the primary purpose of Indicators of Compromise (IoCs)?

To identify potential security incidents
To block network traffic
To scan for vulnerabilities
To configure firewalls

14. Which type of threat intelligence is derived from proprietary or paid sources?

Closed Source
Open Source
Internal
Proprietary

15. What is the primary goal of technical threat intelligence?

To provide detailed information about specific threats
To block network traffic
To scan for vulnerabilities
To configure firewalls

16. Which tool is commonly used for network traffic analysis in threat intelligence?

Wireshark
Cuckoo Sandbox
Nmap
Metasploit

17. What is the purpose of the Cyber Kill Chain in threat intelligence?

To model the stages of a cyber attack
To block network traffic
To scan for vulnerabilities
To configure firewalls

18. Which type of threat intelligence is focused on high-level trends and patterns?

Strategic
Tactical
Operational
Technical

19. What is the primary purpose of a Threat Actor Profile?

To understand the motivations and methods of adversaries
To block network traffic
To scan for vulnerabilities
To configure firewalls

20. Which framework is used for sharing structured threat information?

TAXII
MITRE ATT&CK
NIST CSF
ISO 27001

21. Which framework describes adversary tactics and techniques?

MITRE ATT&CK
NIST CSF
ISO 27001
PCI DSS

22. What is the primary purpose of the Diamond Model?

To analyze intrusion events
To block network traffic
To scan for vulnerabilities
To configure firewalls

23. Which type of intelligence focuses on technical indicators?

Tactical
Strategic
Operational
Sector-specific

24. What is the primary purpose of STIX?

To structure threat information
To block attacks
To scan networks
To configure security devices

25. Which protocol is used to transport STIX data?

TAXII
HTTP
FTP
SMTP

26. What is the primary purpose of a TIP?

To centralize threat intelligence
To block malware
To scan for vulnerabilities
To configure firewalls

27. Which type of intelligence informs executive decisions?

Strategic
Tactical
Operational
Technical

28. What is the primary purpose of the Cyber Kill Chain?

To model attack progression
To block network traffic
To scan for vulnerabilities
To configure firewalls

29. Which type of intelligence is derived from dark web monitoring?

External
Internal
Open source
Proprietary

30. What is the primary purpose of YARA?

To identify malware
To block attacks
To scan networks
To configure security devices

31. Which framework describes adversary groups?

MITRE ATT&CK Groups
NIST CSF
ISO 27001
PCI DSS

32. What is the primary purpose of MISP?

To share threat intelligence
To block malware
To scan for vulnerabilities
To configure firewalls

33. Which type of intelligence supports SOC operations?

Operational
Strategic
Tactical
Technical

34. What is the primary purpose of OpenIOC?

To describe indicators of compromise
To block attacks
To scan networks
To configure security devices

35. Which type of intelligence is derived from honeypots?

Internal
External
Open source
Proprietary

36. What is the primary purpose of VERIS?

To document security incidents
To block attacks
To scan networks
To configure security devices

37. Which framework describes attack techniques?

MITRE ATT&CK Techniques
NIST CSF
ISO 27001
PCI DSS

38. What is the primary purpose of ThreatConnect?

To analyze threat intelligence
To block malware
To scan for vulnerabilities
To configure firewalls

39. Which type of intelligence is derived from threat feeds?

External
Internal
Open source
Proprietary

40. What is the primary purpose of Maltego?

To visualize threat relationships
To block attacks
To scan networks
To configure security devices

41. Which framework describes adversary software?

MITRE ATT&CK Software
NIST CSF
ISO 27001
PCI DSS

42. What is the primary purpose of Recorded Future?

To analyze threat intelligence
To block malware
To scan for vulnerabilities
To configure firewalls

43. Which type of intelligence is derived from SIEM logs?

Internal
External
Open source
Proprietary

44. What is the primary purpose of Anomali?

To analyze threat intelligence
To block attacks
To scan networks
To configure security devices

45. Which framework describes mitigation techniques?

MITRE ATT&CK Mitigations
NIST CSF
ISO 27001
PCI DSS

46. What is the primary purpose of ThreatQuotient?

To manage threat intelligence
To block malware
To scan for vulnerabilities
To configure firewalls

47. Which type of intelligence is derived from sandbox analysis?

Technical
Strategic
Operational
Tactical

48. What is the primary purpose of EclecticIQ?

To analyze threat intelligence
To block attacks
To scan networks
To configure security devices

49. Which framework describes data sources?

MITRE ATT&CK Data Sources
NIST CSF
ISO 27001
PCI DSS

50. What is the primary purpose of ThreatStream?

To analyze threat intelligence
To block malware
To scan for vulnerabilities
To configure firewalls

51. Which type of intelligence is derived from penetration tests?

Internal
External
Open source
Proprietary

52. What is the primary purpose of ThreatMiner?

To analyze threat intelligence
To block attacks
To scan networks
To configure security devices

53. Which framework describes groups by region?

MITRE ATT&CK Groups by Region
NIST CSF
ISO 27001
PCI DSS

54. What is the primary purpose of ThreatCrowd?

To visualize threat relationships
To block malware
To scan for vulnerabilities
To configure firewalls

55. Which type of intelligence is derived from vulnerability scans?

Technical
Strategic
Operational
Tactical

56. What is the primary purpose of VirusTotal?

To analyze suspicious files
To block attacks
To scan networks
To configure security devices

57. Which framework describes cloud techniques?

MITRE ATT&CK Cloud
NIST CSF
ISO 27001
PCI DSS

58. What is the primary purpose of Hybrid Analysis?

To analyze malware
To block attacks
To scan networks
To configure security devices

59. Which type of intelligence is derived from threat actors?

Strategic
Tactical
Operational
Technical

60. What is the primary purpose of Joe Sandbox?

To analyze malware
To block attacks
To scan networks
To configure security devices

61. Which framework describes mobile techniques?

MITRE ATT&CK Mobile
NIST CSF
ISO 27001
PCI DSS

62. What is the primary purpose of ANY.RUN?

To analyze malware
To block attacks
To scan networks
To configure security devices

63. Which type of intelligence is derived from geopolitical analysis?

Strategic
Tactical
Operational
Technical

64. What is the primary purpose of Intezer?

To analyze malware
To block attacks
To scan networks
To configure security devices

65. Which framework describes ICS techniques?

MITRE ATT&CK ICS
NIST CSF
ISO 27001
PCI DSS

66. What is the primary purpose of VMRay?

To analyze malware
To block attacks
To scan networks
To configure security devices

67. Which type of intelligence is derived from business risk analysis?

Strategic
Tactical
Operational
Technical

68. What is the primary purpose of CAPE?

To analyze malware
To block attacks
To scan networks
To configure security devices

69. Which framework describes Windows techniques?

MITRE ATT&CK Windows
NIST CSF
ISO 27001
PCI DSS

70. What is the primary purpose of InQuest?

To analyze malware
To block attacks
To scan networks
To configure security devices

71. Which type of intelligence is derived from financial analysis?

Strategic
Tactical
Operational
Technical

72. What is the primary purpose of ThreatGrid?

To analyze malware
To block attacks
To scan networks
To configure security devices

73. Which framework describes Linux techniques?

MITRE ATT&CK Linux
NIST CSF
ISO 27001
PCI DSS

74. What is the primary purpose of Cuckoo Sandbox?

To analyze malware
To block attacks
To scan networks
To configure security devices

75. Which type of intelligence is derived from competitive analysis?

Strategic
Tactical
Operational
Technical

76. What is the primary purpose of Falcon Sandbox?

To analyze malware
To block attacks
To scan networks
To configure security devices

77. Which framework describes macOS techniques?

MITRE ATT&CK macOS
NIST CSF
ISO 27001
PCI DSS

78. What is the primary purpose of FireEye AX?

To analyze malware
To block attacks
To scan networks
To configure security devices

79. Which type of intelligence is derived from legal analysis?

Strategic
Tactical
Operational
Technical

80. What is the primary purpose of ThreatAnalyzer?

To analyze malware
To block attacks
To scan networks
To configure security devices

81. Which framework describes network techniques?

MITRE ATT&CK Network
NIST CSF
ISO 27001
PCI DSS

82. What is the primary purpose of ThreatTrack?

To analyze malware
To block attacks
To scan networks
To configure security devices

83. Which type of intelligence is derived from regulatory analysis?

Strategic
Tactical
Operational
Technical

84. What is the primary purpose of Comodo Valkyrie?

To analyze malware
To block attacks
To scan networks
To configure security devices

85. Which framework describes container techniques?

MITRE ATT&CK Containers
NIST CSF
ISO 27001
PCI DSS

86. What is the primary purpose of ThreatExpert?

To analyze malware
To block attacks
To scan networks
To configure security devices

87. Which type of intelligence is derived from policy analysis?

Strategic
Tactical
Operational
Technical

88. What is the primary purpose of ThreatBook?

To analyze malware
To block attacks
To scan networks
To configure security devices

89. Which framework describes SaaS techniques?

MITRE ATT&CK SaaS
NIST CSF
ISO 27001
PCI DSS

90. What is the primary purpose of ThreatHunt?

To analyze malware
To block attacks
To scan networks
To configure security devices

91. Which type of intelligence is derived from threat modeling?

Strategic
Tactical
Operational
Technical

92. What is the primary purpose of ThreatRecon?

To analyze threat intelligence
To block attacks
To scan networks
To configure security devices

93. Which framework describes PRE techniques?

MITRE ATT&CK PRE
NIST CSF
ISO 27001
PCI DSS

94. What is the primary purpose of ThreatShare?

To share threat intelligence
To block malware
To scan for vulnerabilities
To configure firewalls

95. Which type of intelligence is derived from risk assessments?

Strategic
Tactical
Operational
Technical

96. What is the primary purpose of ThreatCrowd?

To visualize threat relationships
To block attacks
To scan networks
To configure security devices

97. Which framework describes enterprise techniques?

MITRE ATT&CK Enterprise
NIST CSF
ISO 27001
PCI DSS

98. What is the primary purpose of ThreatMiner?

To analyze threat intelligence
To block attacks
To scan networks
To configure security devices

99. Which type of intelligence is derived from security audits?

Internal
External
Open source
Proprietary

100. What is the primary purpose of ThreatConnect?

To analyze threat intelligence
To block malware
To scan for vulnerabilities
To configure firewalls

101. Which framework describes mobile adversary groups?

MITRE ATT&CK Mobile Groups
NIST CSF
ISO 27001
PCI DSS

102. What is the primary purpose of ThreatQ?

To manage threat intelligence
To block attacks
To scan networks
To configure security devices

103. Which type of intelligence is derived from incident response?

Operational
Strategic
Tactical
Technical

104. What is the primary purpose of ThreatButt?

Satirical threat intelligence
To block attacks
To scan networks
To configure security devices

105. Which framework describes ICS adversary groups?

MITRE ATT&CK ICS Groups
NIST CSF
ISO 27001
PCI DSS

106. What is the primary purpose of ThreatMinder?

To track threat intelligence
To block malware
To scan for vulnerabilities
To configure firewalls

107. Which type of intelligence is derived from forensic analysis?

Technical
Strategic
Operational
Tactical

108. What is the primary purpose of ThreatLookup?

To query threat intelligence
To block attacks
To scan networks
To configure security devices

109. Which framework describes cloud adversary groups?

MITRE ATT&CK Cloud Groups
NIST CSF
ISO 27001
PCI DSS

110. What is the primary purpose of ThreatKeeper?

To store threat intelligence
To block malware
To scan for vulnerabilities
To configure firewalls

The EC-Council 312-85 Certified Threat Intelligence Analyst certification is a globally recognized credential for IT professionals. This practice test helps you prepare by covering key topics like hardware, networking, troubleshooting, and security.

© 2025 ITCertRocket.com - Hands-On IT Lab Exercises & Certification Prep. All rights reserved.