Certified Chief Information Security Officer (CCISO) — Question 97

A large number of accounts in a hardened system were suddenly compromised to an external party. Which of the following is the MOST probable threat actor involved in this incident?

Answer options

• A. Poorly configured firewalls
• B. Malware
• C. Advanced Persistent Threat (APT)
• D. An insider

Correct answer: D

Explanation

The correct answer is D, as an insider threat often has legitimate access to systems, making it easier to compromise accounts without being detected. While poorly configured firewalls, malware, and APTs can pose risks, they typically do not explain sudden breaches in access as effectively as an insider, who may exploit their privileges.