A network administrator is preparing answers for an annual risk assessment that is required for compliance purposes. Which of the following would be an example of an internal threat?
A.
An approved vendor with on-site offices
B.
An infected client that pulls reports from the firm
C.
A malicious attacker from within the same country
D.
A malicious attacker attempting to socially engineer access into corporate offices
B. An infected client that pulls reports from the firm
Why not An approved vendor with on-site offices?
An approved vendor with on-site offices is not an example of an internal threat because they are an external entity with authorized access to the company's network or facilities. Internal threats typically come from individuals within the company such as employees, contractors, or other insiders who may have authorized access to the company's systems but may abuse this access for malicious purposes or inadvertently cause harm to the company's network or data.
It's A, this is an easy question, I'm starting to regret taking advice from a some of you. An insider threat is most definitely an INDIVIDUAL in this context.
Both A & B falls in an insider threat category, but base on the first sentence.... I would chose B which implies the internal company's risk assessment. I maybe wrong in my understanding.
Internal Threat = Any threat that originates within the organization itself that can cause damage to your systems, or data, they can be intentional, or accidental. A malicious attacker from within the same country is the most fitting for an insider threat, because it is someone intending harm from within.
An approved vendor is not an internal threat unless it is proven that they have interest to harm the company.
The malware that has infected the client is not shown to have come from within the company, but is a vulnerability that needs to be fixed & addressed.
A malicious attacker attempting to socially engineer access is not shown as an insider threat unless it is revealed that they are in-fact within the company.
A is the correct answer and this is why it is not B. for something to be considered and "Insider threat" it has to be someone from within the company. An infected computer would not be considered an insider threat because It more than likely has been breached from someone outside of the company. The question is asking what is considered to be an "Insider Threat" so the answer is an external company with an office inside. Even if they are not actively trying to breach the network or steal information they are still a possible threat.
Initially I thought B. But now that I think about it, internal threats are usually people you have granted permission to that are doing harm to your network. In this case, A fits the bill more so than B. B sounds like a compromised device more than anything.
I am here to shed some light, chatGPT's response:
B. An infected client that pulls reports from the firm would be an example of an internal threat. Internal threats come from sources inside the organization, including employees, contractors, and other trusted individuals who have access to the organization's systems and data.
D. A malicious attacker attempting to socially engineer access into corporate offices
Internal threats refer to security risks that originate from within an organization, typically from employees, contractors, or other insiders with legitimate access to the organization's systems and data. In this case, a malicious attacker attempting to socially engineer access into corporate offices would be an internal threat as the attacker is trying to gain unauthorized access to the organization's resources by manipulating an employee or other insider.
Answer A, "An approved vendor with on-site offices" is not an internal threat because it does not originate from within the organization. The approved vendor is an external entity, even though they have access to the organization's office and resources through the approved vendor status. An approved vendor may pose a risk, but it would be more of an external threat such as vendor risk management, rather than an internal threat.
Insider threat= insider threat is defined as the threat that an employee or a contractor will use his or her authorized access, wittingly or unwittingly, to do harm
This section is not available anymore. Please use the main Exam Page.N10-008 Exam Questions
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
IT__noob
Highly Voted 2 years, 1 month agob6482cd
Most Recent 9 months, 2 weeks agoPaula77
1 year, 4 months agomaggie22
1 year, 5 months agoMehsotopes
1 year, 5 months agoIckyNicky
1 year, 5 months agoJuliana1017
1 year, 9 months agoLiamAzure
1 year, 9 months agoMolongo
1 year, 12 months ago1stAid
2 years agoRobV
2 years, 1 month agoStellarSteve
2 years, 1 month agoFreePrivacy
2 years, 2 months agoStellarSteve
2 years, 1 month agoBeauChateau
2 years, 3 months agoJAMBER
2 years, 5 months agoAntonioTech
2 years, 5 months agofouserd
2 years, 5 months ago