Certified Threat Intelligence Analyst (CTIA) — Question 58
John, a threat intelligence analyst in Cybertech Company, was asked to obtain information that provides greater insight into the current cyber risks. To gather such information, John needs to find the answer of the following questions:
• Why the organization might be attacked?
• How the organization might be attacked?
• Who might be the intruders?
Identity the type of security testing John is going to perform.
Answer options
- A. White box testing
- B. Black box testing
- C. Intelligence-led security testing
- D. Performance testing
Correct answer: C
Explanation
The correct answer is C, as intelligence-led security testing focuses on understanding the motivations, methods, and potential attackers, which aligns with John's goal of identifying cyber risks. Options A and B refer to testing methodologies that evaluate software security from different perspectives but do not specifically address the gathering of threat intelligence. Option D relates to assessing system performance rather than analyzing security threats.