Certified Ethical Hacker (CEH v13) — Question 40
A multinational organization has recently faced a severe information security breach. Investigations reveal that the attacker had a high degree of understanding of the organization’s internal processes and systems. This knowledge was utilized to bypass security controls and corrupt valuable resources. Considering this event, the security team is contemplating the type of attack that occurred and the steps they could have taken to prevent it. Choose the most plausible type of attack and a countermeasure that the organization could have employed:
Answer options
- A. Insider attacks and the organization should have implemented robust access control and monitoring.
- B. Distribution attack and the organization could have ensured software and hardware integrity checks.
- C. Passive attack and the organization should have used encryption techniques.
- D. Active attack and the organization could have used network traffic analysis.
Correct answer: A
Explanation
The correct answer is A because insider attacks involve individuals within the organization who have knowledge of its systems and can exploit that knowledge to bypass security. The other options fit the context of the breach less well: distribution attacks are not typically associated with internal knowledge, and passive attacks do not involve the corruption of resources.