CompTIA CASP+ (CAS-004) — Question 109
A company security engineer arrives at work to face the following scenario:
1. Website defacement
2. Calls from the company president indicating the website needs to be fixed immediately because it is damaging the brand
3. A job offer from the company's competitor
4. A security analyst's investigative report, based on logs from the past six months, describing how lateral movement across the network from various IP addresses originating from a foreign adversary country resulted in exfiltrated data
Which of the following threat actors is MOST likely involved?
Answer options
- A. Organized crime
- B. Script kiddie
- C. APT/nation-state
- D. Competitor
Correct answer: C
Explanation
The correct answer is C, APT/nation-state. The analyst's report, based on six months of logs, describes sophisticated lateral movement and data exfiltration from IP addresses linked to a foreign adversary country, which is characteristic of advanced persistent threats. Options A (Organized crime) and B (Script kiddie) typically do not exhibit the level of coordination and stealth seen here, while D (Competitor) does not account for the foreign connection indicated in the report.