ExamTopics Logo
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v12 All Questions

View all questions & answers for the 312-50v12 exam
Go to Exam

Exam 312-50v12 topic 1 question 192 discussion

Actual exam question from ECCouncil's 312-50v12
Question #: 192
Topic #: 1
[All 312-50v12 Questions]

A multinational organization has recently faced a severe information security breach. Investigations reveal that the attacker had a high degree of understanding of the organization’s internal processes and systems. This knowledge was utilized to bypass security controls and corrupt valuable resources. Considering this event, the security team is contemplating the type of attack that occurred and the steps they could have taken to prevent it. Choose the most plausible type of attack and a countermeasure that the organization could have employed:

  • A. Insider attacks and the organization should have implemented robust access control and monitoring.
  • B. Distribution attack and the organization could have ensured software and hardware integrity checks.
  • C. Passive attack and the organization should have used encryption techniques.
  • D. Active attack and the organization could have used network traffic analysis.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by DarioReymag at Feb. 6, 2024, 10:38 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
GK2205
8 months, 2 weeks ago
Selected Answer: A
The key to this question is in: "Investigations reveal that the attacker had a high degree of understanding of the organization’s internal processes and systems. This knowledge was utilized to bypass security controls and corrupt valuable resources" Assumption: Encryption is part of security controls Answer: A - Because only an insider can get to this level of understanding and access. (Acknowledging that there are some very good hacker out there, but one has to assume that that level of knowledge is very, very hard to gather externally).
upvoted 1 times
...
LordXander
1 year ago
Selected Answer: A
Everyone is saying A, and I'm inclined to agree, but we are talking about data corruption which in itself suggests lack of encryption. Now, an insider threat could've used a passive attack for achieving its goal, hence it could be also C. My first thought of this was A, but thinking again, and again I can see C as plausible. In the exam I would've gone with A hence I will pick A
upvoted 1 times
...
DruSuperman
1 year ago
Selected Answer: A
Knowing internal processes, has to be A.
upvoted 1 times
...
ahmedalkibsy
1 year, 1 month ago
A is correct
upvoted 1 times
...
anarchyeagle
1 year, 1 month ago
Chat GPT: Insider attacks occur when someone with authorized access to the organization's resources (an employee, contractor, or business partner) misuses their access to conduct malicious activities. The detailed knowledge of the organization's internal processes and systems, as described, suggests that the attacker was not an external party but rather someone with inside access or knowledge. Insider threats are challenging to detect because the attacker legitimately accesses the system, making their actions appear as normal activities.
upvoted 1 times
...
barey
1 year, 1 month ago
GPT-4 A. Insider attacks and the organization should have implemented robust access control and monitoring. The details of the breach indicating that the attacker had an in-depth understanding of the company's internal processes and systems suggest that this could have been an insider attack.
upvoted 1 times
...
LeongCC
1 year, 1 month ago
Selected Answer: A
It's should be the A. Already mentioned understanding of the organization’s internal processes and systems.
upvoted 1 times
...
brrbrr
1 year, 1 month ago
Selected Answer: A
Given that the attacker had a high degree of understanding of the organization's internal processes and systems, it suggests that the breach may have been facilitated by someone with insider knowledge or access.
upvoted 1 times
...
calx5
1 year, 1 month ago
Selected Answer: A
Insider attacks, attacker with high degree of understanding
upvoted 1 times
...
insaniunt
1 year, 1 month ago
Selected Answer: A
A. Insider attacks and the organization should have implemented robust access control and monitoring.
upvoted 1 times
...
JustAName
1 year, 1 month ago
Should be A because "Investigations reveal that the attacker had a high degree of understanding of the organization’s internal processes and systems." It is very likely that this attacker is within the organization, so insider threat.
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago