Insider Threat
Question
A disgruntled employee decides to leak critical information about a company's new product.
The employee places keyloggers on the department's computers, allowing the information to be sent out to the Internet.
Which of the following attacks is occurring?
A.
Man-in-the-middle B.
Logic bomb C.
Insider threat D.
Social engineering.
C.
Explanations
A disgruntled employee decides to leak critical information about a company's new product.
The employee places keyloggers on the department's computers, allowing the information to be sent out to the Internet.
Which of the following attacks is occurring?
A.
Man-in-the-middle
B.
Logic bomb
C.
Insider threat
D.
Social engineering.
C.
The correct answer is C. Insider threat.
An insider threat is a security threat that comes from within an organization. It refers to a current or former employee, contractor, or business partner who has access to an organization's sensitive data, systems, or networks and intentionally or unintentionally causes harm to the organization.
In this scenario, the disgruntled employee is intentionally leaking critical information about the company's new product by placing keyloggers on the department's computers. A keylogger is a type of software or hardware device that records every keystroke made on a computer, including passwords, credit card numbers, and other sensitive information. By placing keyloggers on the computers, the employee can capture sensitive information and send it out to the internet.
A man-in-the-middle attack (A) occurs when an attacker intercepts communication between two parties and can eavesdrop, alter, or manipulate the communication. This scenario does not involve intercepting communication between two parties.
A logic bomb (B) is a type of malicious code that is intentionally inserted into a software program or system to execute a harmful action when certain conditions are met, such as a specific date or time. This scenario does not involve the use of a logic bomb.
Social engineering (D) refers to the use of psychological manipulation to trick individuals into divulging confidential information or performing an action that is not in their best interest. This scenario does not involve the use of social engineering.
In summary, the scenario described in the question is an example of an insider threat, where a disgruntled employee intentionally leaks critical information about a company's new product by placing keyloggers on department computers.
