



















ALBERTA CYBER INTELLIGENCE ANALYST EXAM QUESTIONS AND CORRECT ANSWERS (VERIFIED ANSWERS) PLUS RATIONALE 2026 Q&A|INSTANT DOWNLOAD PDF
Typology: Exams




















1. What is cyber intelligence?
A. Hardware repair
B. Collection and analysis of cyber threat information
C. Software development
D. Network cabling
Answer: B
Focuses on understanding cyber threats and actors.

2. What is threat intelligence?
A. Random data logs
B. Information about cyber threats and attackers
C. UI design
D. Database storage
Answer: B
Used to predict and prevent attacks.

3. What is OSINT?
A. Offline Security Internal Tool
B. Open Source Intelligence
C. Operating System Internet Tool
D. Online Security Internal Tech
Answer: B
Information gathered from public sources.

4. What is SOC?
A. System Operation Center
B. Security Operations Center
C. Secure Online Cloud
D. System Optimization Core
Answer: B
Monitors security events.

5. What is a threat actor?
A. System user
B. Individual or group conducting cyber attacks
C. Software tool
D. Firewall system
Answer: B
Responsible for cyber threats.

6. What is APT?
A. Advanced Persistent Threat
B. Automated Protection Tool
C. Active Protocol Transfer
D. Application Processing Tech
Answer: A
Highly sophisticated cyber attackers.

7. What is malware?
A. Hardware device
B. Malicious software
C. Network tool
D. Encryption system
Answer: B
Designed to harm systems.

Answer: B
Exploits human behavior.

12. What is cyber kill chain?
A. Database model
B. Stages of cyber attack lifecycle
C. Encryption system
D. Firewall system
Answer: B
Describes attacker steps.

13. What is reconnaissance in cyber attacks?
A. Attack phase
B. Information gathering phase
C. Encryption phase
D. Recovery phase
Answer: B
First stage of attack planning.

14. What is exploitation?
A. Defense
B. Using vulnerability to gain access
C. Backup process
D. Logging process
Answer: B
Attack phase using weaknesses.

15. What is persistence in cyber attacks?
A. System shutdown
B. Maintaining long-term access
C. Data backup
D. Encryption
Answer: B
Ensures attacker remains in system.

16. What is lateral movement?
A. System update
B. Moving within network after breach
C. Firewall upgrade
D. Data backup
Answer: B
Expanding control in network.

17. What is command and control (C2)?
A. Backup system
B. Attacker remote control channel
C. Firewall system
D. Encryption system
Answer: B
Used to control compromised systems.

18. What is IOC?
A. Internet Operating Code
B. Indicator of Compromise
C. Internal Operating Control
D. Identity Online Check
Answer: B
Evidence of cyber attack.

19. What is malware signature?

23. What is SHA-256?
A. Network protocol
B. Cryptographic hash algorithm
C. Firewall system
D. UI system
Answer: B
Common hashing standard.

24. What is threat attribution?
A. Data storage
B. Identifying attacker origin
C. Encryption
D. Backup
Answer: B
Determines who is behind attacks.

25. What is OSINT tool example?
A. Photoshop
B. Maltego
C. Excel
D. Word
Answer: B
Used for intelligence mapping.

26. What is deep web?
A. Public internet
B. Non-indexed web content
C. Gaming network
D. Cloud system
Answer: B
Hidden from search engines.

27. What is dark web?
A. Public websites
B. Hidden encrypted internet space
C. Cloud storage
D. LAN network
Answer: B
Used for anonymous activity.

28. What is VPN used for in cyber intelligence?
A. Gaming
B. Secure encrypted connection
C. Database storage
D. UI design
Answer: B
Hides user identity.

29. What is proxy server?
A. Firewall
B. Intermediary between user and internet
C. Database
D. Antivirus
Answer: B
Masks user IP.

30. What is IP spoofing?
A. Encryption
B. Fake IP address use
C. Backup system
D. Firewall

C. Encryption
D. Backup
Answer: B
Distributes findings.

35. What is threat hunting?
A. Passive monitoring
B. Active search for threats
C. Backup process
D. UI design
Answer: B
Proactive cyber defense.

36. What is SIEM?
A. Secure Internet Encryption Module
B. Security Information and Event Management
C. System Integration Engine
D. Storage Information Event Module
Answer: B
Centralized monitoring system.

37. What is log analysis?
A. UI logs
B. Examining system activity records
C. Database design
D. Encryption
Answer: B
Detects suspicious activity.

38. What is false positive in security?
A. Real attack
B. Incorrect alert
C. System failure
D. Encryption error
Answer: B
Non-threat flagged as threat.

39. What is false negative?
A. Correct detection
B. Missed real threat
C. Backup system
D. Firewall system
Answer: B
Undetected attack.

40. What is malware reverse engineering?
A. Software coding
B. Analyzing malware behavior
C. Network routing
D. UI design
Answer: B
Understanding attack methods.

41. What is encryption key rotation?
A. Key deletion
B. Changing encryption keys periodically
C. UI update
D. Database backup
Answer: B
Improves security.

46. What is eradication in cyber response?
A. Backup
B. Removing threat completely
C. Logging
D. Monitoring
Answer: B
Eliminates malware.

47. What is recovery phase?
A. Attack phase
B. Restoring systems after attack
C. Encryption phase
D. UI phase
Answer: B
Restores normal operations.

48. What is cyber intelligence analyst role?
A. Coding apps
B. Analyze threats and security data
C. UI design
D. Hardware repair
Answer: B
Focuses on threat intelligence.

49. What is intelligence report?
A. UI file
B. Document of analyzed threat data
C. Database system
D. Backup file
Answer: B
Used for decision-making.

50. What is ultimate goal of cyber intelligence?
A. Data deletion
B. Prevent and predict cyber threats
C. UI design
D. Offline systems
Answer: B
Protects organizations from cyber attacks.

51. What is MITRE ATT&CK framework used for?
A. Hardware design
B. Mapping cyber attack techniques and behaviors
C. Data storage
D. Encryption only
Answer: B
Helps analysts understand attacker tactics and techniques.

52. What does TTP stand for in cyber intelligence?
A. Technical Threat Protocol
B. Tactics, Techniques, and Procedures
C. Threat Transfer Protocol
D. Total Threat Protection
Answer: B
Describes attacker behavior patterns.

53. What is an Advanced Persistent Threat (APT)?
A. Random virus
B. Long-term targeted cyber attack group
C. Firewall system
D. Antivirus tool

C. Deleting malware
D. Encrypting malware
Answer: B
Examines code safely.

58. What is dynamic malware analysis?
A. No execution
B. Running malware in sandbox
C. Data storage
D. Encryption
Answer: B
Observes behavior in real time.

59. What is IOC in threat intelligence?
A. Internet Operation Code
B. Indicator of Compromise
C. Internal Operating Control
D. Identity Operation Check
Answer: B
Evidence of intrusion.

60. What is IOA?
A. Indicator of Attack
B. Internal Operation Alert
C. Internet Output Analysis
D. Identity Operation Access
Answer: A
Focuses on attacker behavior patterns.

61. What is cyber intelligence fusion?
A. Data deletion
B. Combining multiple intelligence sources
C. Encryption system
D. Backup system
Answer: B
Creates complete threat picture.

62. What is OSINT scraping?
A. Data encryption
B. Extracting public online data
C. Firewall operation
D. Malware removal
Answer: B
Collects intelligence from public sources.

63. What is geolocation intelligence?
A. UI mapping
B. Identifying physical location from data
C. Database storage
D. Encryption
Answer: B
Used in attribution.

64. What is metadata in cyber intelligence?
A. Encrypted data
B. Data about data
C. Malware code
D. Firewall rule
Answer: B
Helps analyze files and communication.

69. What is threat intelligence feed?
A. UI feed
B. Continuous stream of threat data
C. Backup file
D. Encryption key
Answer: B
Provides real-time intelligence.

70. What is cyber situational awareness?
A. Coding awareness
B. Understanding current threat environment
C. UI design
D. Database structure
Answer: B
Helps decision making.

71. What is malware beaconing?
A. Data backup
B. Regular communication to attacker server
C. Encryption
D. Firewall rule
Answer: B
Indicates compromised system.

72. What is command and control infrastructure?
A. Backup system
B. System used by attackers to control malware
C. Firewall system
D. Antivirus system
Answer: B
Core attacker communication system.

73. What is domain generation algorithm (DGA)?
A. Encryption method
B. Algorithm generating random domains for malware
C. Firewall rule
D. Backup system
Answer: B
Used to evade detection.

74. What is cyber deception technique?
A. Backup system
B. Tricking attackers with fake assets
C. Encryption system
D. Firewall system
Answer: B
Misleads attackers.

75. What is honeynet?
A. Real network
B. Network of honeypots
C. Database system
D. Router system
Answer: B
Collects attacker behavior.

76. What is threat intelligence sharing?
A. Data deletion
B. Sharing threat data across organizations