ATTENTION the attacker is planning . If we consider that iy is need know the network to attack, the correct answer is D
"attackers act like detectives, gathering information to truly understand their target. From examining email lists to open source information, their goal is to know the network better than the people who run and maintain it. They hone in on the security aspect of the technology, study the weaknesses, and use any vulnerability to their advantage."
https://www.graylog.org/post/cyber-security-understanding-the-5-phases-of-intrusion
My initial thought was D but on a second thought, I agree the answer is A. You may have sensitive information about the network topology (not people or sensitive government data), yet unable to break the network security.
A. Organization loses control of their network devices.
When an organization loses control of their network devices, it means the attackers can potentially take over the entire network infrastructure. This scenario allows for a wide range of malicious activities, including the possibility of shutting down services, stealing sensitive data, deploying malware, and causing extensive damage. The other scenarios are certainly serious, but losing control of network devices represents a more comprehensive and critical threat.
Although D can be used to plan further attacks, it is not as immediately damaging as losing control of the network devices. Therefore A is better option here.
Agree with option D. Sensitive information sound to have higher risk than loosing control of network devices. You can always shutdown the hardware at the expense to operation, but it's like taking away their only advantage. You can always replace the devices, but sensitive or critical network architecture sound more expensive to overhaul.
When you know about the information in the network, it will make you leverage it and have access to the network, thereby making the organization lose control of the network. Once you know the organization's Main IP of the network is very risky, you can use it to flood traffic to gain control of the network.
Reconnaissance
Weaponising
Delivery
Installation
Exploitation <--- D when knows about sensitive information
Command and control <--A is at this stage
Action
Why not B?
If we consider that, we have to answer the question "What is the highest risk for the (attacking) organization?" It should be B.
A is easy to solve for an attacker. "Their network devices" means their own network devices like a internet router.
Not the ones in the goverment network. Just use a new internet access or hardware.
But if they flood the goverment network with (unnaturally) communication traffic, they get flagged by IDS/IPS and easily detected.
Guys you have to read the question again. Try to understand the question better. The organization being refered to with regard to the highest risk is the Criminal Organization not the government network. A CRIMINAL ORGANIZATION is planning an attack on a government network. Which of the following scenarios presents the HIGHEST risk to the ORGANIZATION? (To the criminals organization) - A: Will compromise the criminal organization, cannot carry out planned attack. I agree with Markrlucas
It's a GOVERNMENT network! I think this is the key hint that decides whether the answer is A or D. In my opinion, A can come as a consequence of D. By gaining access to sensitive information about the network topology, criminal organization would basically know everything about the network making the attacks on the network more effective and more dangerous.
So for me, it's D.
The scenario that presents the highest risk to the organization is D. Attacker accesses sensitive information regarding the network topology.
The network topology is the arrangement and configuration of the network devices, such as routers, switches, firewalls, servers, etc., and the connections between them, such as cables, wireless links, protocols, etc. The network topology defines how the network operates, communicates, and performs.
A CRIMINAL ORGANIZATION is planning an attack on a government network. Which of the following scenarios presents the HIGHEST risk to the ORGANIZATION? (To the criminals organization) - A: Will compromise the criminal organization, cannot carry out planned attack.
D presents the highest risk to the organization because it implies that the attacker has gained access to sensitive information about the network topology. This could enable the attacker to more effectively exploit the network by understanding its structure and vulnerabilities, which could result in more significant damage and disruption.
Why isn't D? like if attackers get Network topology, they have access to the IP ranges, Protocols being used, Ports, Operating system in use on the network including how many firewalls and switches in use.
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
JAckThePip
Highly Voted 2 years, 2 months agoMgz156
Highly Voted 2 years, 3 months agojackdryan
1 year, 8 months agofathermora
Most Recent 3 weeks, 3 days agoFouad777
1 month, 1 week agoKennethLZK
1 month, 2 weeks agodeeden
4 months, 3 weeks agosomsom
6 months, 1 week agoJenkins3mol
8 months agoCCNPWILL
8 months, 2 weeks agoRumor19
11 months agoSoleandheel
1 year agoAlexJacobson
1 year, 1 month agoLaw88
1 year, 3 months agomarkrlucas
1 year, 6 months agoats20
2 months agos_n_
1 year, 11 months agoCyber_Punk_Rock
1 year, 12 months agorootic
2 years, 2 months ago