Welcome to ExamTopics
ExamTopics Logo
- Expert Verified, Online, Free.
Mail Us[email protected]
Menu
Eccouncil Discussions
exam questions

Exam 312-50v12 All Questions

View all questions & answers for the 312-50v12 exam
Go to Exam

Exam 312-50v12 topic 1 question 192 discussion

Actual exam question from ECCouncil's 312-50v12
Question #: 192
Topic #: 1
[All 312-50v12 Questions]

A multinational organization has recently faced a severe information security breach. Investigations reveal that the attacker had a high degree of understanding of the organization’s internal processes and systems. This knowledge was utilized to bypass security controls and corrupt valuable resources. Considering this event, the security team is contemplating the type of attack that occurred and the steps they could have taken to prevent it. Choose the most plausible type of attack and a countermeasure that the organization could have employed:

  • A. Insider attacks and the organization should have implemented robust access control and monitoring.
  • B. Distribution attack and the organization could have ensured software and hardware integrity checks.
  • C. Passive attack and the organization should have used encryption techniques.
  • D. Active attack and the organization could have used network traffic analysis.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by DarioReymag at Feb. 6, 2024, 10:38 p.m.

Comments

Chosen Answer:
This is a voting comment (?) , you can switch to a simple comment.
Switch to a voting comment New
Submit Cancel
GK2205
4 months ago
Selected Answer: A
The key to this question is in: "Investigations reveal that the attacker had a high degree of understanding of the organization’s internal processes and systems. This knowledge was utilized to bypass security controls and corrupt valuable resources" Assumption: Encryption is part of security controls Answer: A - Because only an insider can get to this level of understanding and access. (Acknowledging that there are some very good hacker out there, but one has to assume that that level of knowledge is very, very hard to gather externally).
upvoted 1 times
...
LordXander
7 months, 3 weeks ago
Selected Answer: A
Everyone is saying A, and I'm inclined to agree, but we are talking about data corruption which in itself suggests lack of encryption. Now, an insider threat could've used a passive attack for achieving its goal, hence it could be also C. My first thought of this was A, but thinking again, and again I can see C as plausible. In the exam I would've gone with A hence I will pick A
upvoted 1 times
...
DruSuperman
8 months, 3 weeks ago
Selected Answer: A
Knowing internal processes, has to be A.
upvoted 1 times
...
ahmedalkibsy
8 months, 3 weeks ago
A is correct
upvoted 1 times
...
anarchyeagle
8 months, 4 weeks ago
Chat GPT: Insider attacks occur when someone with authorized access to the organization's resources (an employee, contractor, or business partner) misuses their access to conduct malicious activities. The detailed knowledge of the organization's internal processes and systems, as described, suggests that the attacker was not an external party but rather someone with inside access or knowledge. Insider threats are challenging to detect because the attacker legitimately accesses the system, making their actions appear as normal activities.
upvoted 1 times
...
barey
9 months ago
GPT-4 A. Insider attacks and the organization should have implemented robust access control and monitoring. The details of the breach indicating that the attacker had an in-depth understanding of the company's internal processes and systems suggest that this could have been an insider attack.
upvoted 1 times
...
LeongCC
9 months ago
Selected Answer: A
It's should be the A. Already mentioned understanding of the organization’s internal processes and systems.
upvoted 1 times
...
brrbrr
9 months ago
Selected Answer: A
Given that the attacker had a high degree of understanding of the organization's internal processes and systems, it suggests that the breach may have been facilitated by someone with insider knowledge or access.
upvoted 1 times
...
calx5
9 months ago
Selected Answer: A
Insider attacks, attacker with high degree of understanding
upvoted 1 times
...
insaniunt
9 months, 2 weeks ago
Selected Answer: A
A. Insider attacks and the organization should have implemented robust access control and monitoring.
upvoted 1 times
...
JustAName
9 months, 2 weeks ago
Should be A because "Investigations reveal that the attacker had a high degree of understanding of the organization’s internal processes and systems." It is very likely that this attacker is within the organization, so insider threat.
upvoted 3 times
...

Get IT Certification

Unlock free, top-quality video courses on ExamTopics with a simple registration. Elevate your learning journey with our expertly curated content. Register now to access a diverse range of educational resources designed for your success. Start learning today with ExamTopics!

Start Learning for free
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel