CompTIA Network+ (N10-008) — Question 223

A network administrator is preparing answers for an annual risk assessment that is required for compliance purposes. Which of the following would be an example of an internal threat?

Answer options

• A. An approved vendor with on-site offices
• B. An infected client that pulls reports from the firm
• C. A malicious attacker from within the same country
• D. A malicious attacker attempting to socially engineer access into corporate offices

Correct answer: B

Explanation

Option B is correct because an infected client accessing reports poses a threat from within the organization. Options A, C, and D represent external threats or scenarios involving external parties rather than an internal compromise.