GIAC Cyber Threat Intelligence (GCTI) Practice
Midterm Examination Questions And Correct
Answers (Verified Answers) Plus Rationales 2026
Q&A | Instant Download Pdf
National Initiative for Cybersecurity Education (NICE) Work Role Categories
- Oversight and Governance (OG)
- Design and Development (DD)
- Implementation and Operation (IO)
- Protection and Defense (PD)
- Investigation (IN)
- Cyberspace Intelligence (CI)
- Cyberspace Effects (CE)
Oversight and Governance (OG)
Provides leadership, management, direction, and advocacy so the
organization may effectively manage cybersecurity-related risks to the
enterprise and conduct
cybersecurity work.
Design and Development (DD)
Conducts research, conceptualizes, designs, develops, and tests secure
technology systems, including on perimeter and cloud-based networks
,Implementation and Operation (IO)
Provides implementation, administration, configuration, operation, and
maintenance to ensure effective and efficient technology system
performance and security
Protection and Defense (PD)
Protects against, identifies, and analyzes risks to technology systems or
networks. Includes investigation of cybersecurity events or crimes related
to technology systems and networks.
Investigation (IN)
Conducts national cybersecurity and cybercrime investigations, including
the collection, management, and analysis of digital evidence
Cyberspace Intelligence (CI)
Collects, processes, analyzes and disseminates information from all sources
of intelligence on foreign actors' cyberspace programs, intentions,
capabilities, research, and development, and operational activities.
Cyberspace Effects (CE)
Plans, supports, and executes cyberspace capabilities where the primary
purpose is to externally defend or conduct force projection in or through
cyberspace
,Encryption
scrambles information into an alternative form that requires a key or password
to decrypt
Decryption
a process that reverses encryption, taking a secret message and reproducing
the original plain text
Identity and Access Management
Enables the right individuals to access the right resources at the right times
and for the right reasons
Authentication
you are who you say you are. Includes password management and multi-
factor authentication
Authorization
What you are allowed to access. Includes access management, account
creation, and account deletion
Vulnerability
A weakness in the system. Can be exploited to cause loss or harm.
, Threat
A set of circumstances that exploits vulnerabilities to cause loss or harm.
Control/countermeasure
An action/device/procedure/technique that eliminates or reduces a
vulnerability.
SQL Injection
An attack that targets SQL servers by injecting commands to be manipulated
by the database.
What is CTI?
There are varying definitions:
- Cyber threat intelligence is knowledge about adversaries and their
motivations, intentions, and methods that is collected, analyzed and
disseminated in ways that help security and business staff at all levels
protect the critical assets of the
enterprise
- Cyber threat intelligence (CTI) is threat intelligence related to computers,
networks and information technology.
- Cyber threat intelligence (CTI) is an advanced process that enables an
organization to continually gather valuable insights based on the analysis
of contextual and
situational risks and can be tailored to the organization's specific threat
landscape, its industry and markets
Midterm Examination Questions And Correct
Answers (Verified Answers) Plus Rationales 2026
Q&A | Instant Download Pdf
National Initiative for Cybersecurity Education (NICE) Work Role Categories
- Oversight and Governance (OG)
- Design and Development (DD)
- Implementation and Operation (IO)
- Protection and Defense (PD)
- Investigation (IN)
- Cyberspace Intelligence (CI)
- Cyberspace Effects (CE)
Oversight and Governance (OG)
Provides leadership, management, direction, and advocacy so the
organization may effectively manage cybersecurity-related risks to the
enterprise and conduct
cybersecurity work.
Design and Development (DD)
Conducts research, conceptualizes, designs, develops, and tests secure
technology systems, including on perimeter and cloud-based networks
,Implementation and Operation (IO)
Provides implementation, administration, configuration, operation, and
maintenance to ensure effective and efficient technology system
performance and security
Protection and Defense (PD)
Protects against, identifies, and analyzes risks to technology systems or
networks. Includes investigation of cybersecurity events or crimes related
to technology systems and networks.
Investigation (IN)
Conducts national cybersecurity and cybercrime investigations, including
the collection, management, and analysis of digital evidence
Cyberspace Intelligence (CI)
Collects, processes, analyzes and disseminates information from all sources
of intelligence on foreign actors' cyberspace programs, intentions,
capabilities, research, and development, and operational activities.
Cyberspace Effects (CE)
Plans, supports, and executes cyberspace capabilities where the primary
purpose is to externally defend or conduct force projection in or through
cyberspace
,Encryption
scrambles information into an alternative form that requires a key or password
to decrypt
Decryption
a process that reverses encryption, taking a secret message and reproducing
the original plain text
Identity and Access Management
Enables the right individuals to access the right resources at the right times
and for the right reasons
Authentication
you are who you say you are. Includes password management and multi-
factor authentication
Authorization
What you are allowed to access. Includes access management, account
creation, and account deletion
Vulnerability
A weakness in the system. Can be exploited to cause loss or harm.
, Threat
A set of circumstances that exploits vulnerabilities to cause loss or harm.
Control/countermeasure
An action/device/procedure/technique that eliminates or reduces a
vulnerability.
SQL Injection
An attack that targets SQL servers by injecting commands to be manipulated
by the database.
What is CTI?
There are varying definitions:
- Cyber threat intelligence is knowledge about adversaries and their
motivations, intentions, and methods that is collected, analyzed and
disseminated in ways that help security and business staff at all levels
protect the critical assets of the
enterprise
- Cyber threat intelligence (CTI) is threat intelligence related to computers,
networks and information technology.
- Cyber threat intelligence (CTI) is an advanced process that enables an
organization to continually gather valuable insights based on the analysis
of contextual and
situational risks and can be tailored to the organization's specific threat
landscape, its industry and markets
