Certified Ethical Hacker (CEH v12) — Question 188

A multinational organization has recently faced a severe information security breach. Investigations reveal that the attacker had a high degree of understanding of the organization’s internal processes and systems. This knowledge was utilized to bypass security controls and corrupt valuable resources. Considering this event, the security team is contemplating the type of attack that occurred and the steps they could have taken to prevent it. Choose the most plausible type of attack and a countermeasure that the organization could have employed:

Answer options

• A. Insider attacks and the organization should have implemented robust access control and monitoring.
• B. Distribution attack and the organization could have ensured software and hardware integrity checks.
• C. Passive attack and the organization should have used encryption techniques.
• D. Active attack and the organization could have used network traffic analysis.

Correct answer: A

Explanation

The correct answer is A, as insider attacks are characterized by individuals who have intimate knowledge of the organization's systems, allowing them to bypass security measures effectively. The other options do not fit the context of someone within the organization exploiting their knowledge, nor do they suggest preventive measures that directly address the nature of insider threats.