Exam SY0-701 topic 1 question 199 discussion

The scenario described is: D. Shadow IT Shadow IT refers to the use of technology, systems, or services by employees without the approval or knowledge of the IT department. In this case, the research and development department is bypassing the company’s VPN, potentially using unauthorized methods to access company-related services and systems. This can pose security risks, as these systems may not adhere to the company’s security policies and protocols.

D, espionage given here is crazy lmao

B. Data exfiltration From the official CompTIA SYO-701 study guide - "Data exfiltration is the unauthorized transfer of data outside an organization and is a significant conern."

This question is worded terribly as it isn't noted that the department is using shadow IT. One shouldn't just assume they are using unauthorized software or hardware. Or I could assume since they aren't using a VPN to provide them a secure tunnel when accessing company resources, they were compromised causing data to be exfiltrated. They are just simply not using their VPN to access authorized company services and systems. This seems to be more of a policy enforcement issue then anything.

Using unauthorized software, eh Dave? The scenario may imply the use of an unofficial VPN for the sake of carrying out Espionage or Data Exfiltration, but there is no sign of it. The threat is the VPN rather the user or the data. Additionally, it doesn't seem like the nation-state attack would fit since the hallmarks of such an attack aren't present (lots of funding, firmware-level bugs, unique spyware, social engineering).

Shadow IT is the use of IT-related hardware or software by a department or individual without the knowledge of the IT or security group within the organization.