Learn how to model threats for a controversial CEO opinion article using CompTIA Security+ Exam concepts. Discover the best threat actor to consider in this scenario.
Table of Contents
Question
A company’s Chief Information Security Officer (CISO) recently warned the security manager that the company’s Chief Executive Officer (CEO) is planning to publish a controversial opinion article in a national newspaper, which may result in new cyberattacks. Which of the following would be best for the security manager to use in a threat model?
A. Hacktivists
B. White-hat hackers
C. Script kiddies
D. Insider threats
Answer
A. Hacktivists
Explanation
Hacktivists are the best threat actor to include in the security manager’s threat model when the company’s CEO plans to publish a controversial opinion article in a national newspaper. Hacktivists are individuals or groups who use hacking techniques to promote a political agenda or social cause. They often target organizations or individuals they perceive as opposing their beliefs or values.
In this scenario, the controversial nature of the CEO’s opinion article may attract the attention of hacktivists who disagree with the expressed views. They may attempt to disrupt the company’s operations, deface websites, or leak sensitive information to damage the organization’s reputation and draw attention to their cause.
The other options are less likely to be the primary threat actors in this situation:
- White-hat hackers are ethical hackers who help organizations identify vulnerabilities and improve security. They are unlikely to target the company maliciously.
- Script kiddies are unskilled attackers who use pre-written scripts or tools to exploit known vulnerabilities. While they may opportunistically target the company, they are not typically motivated by political or social causes.
- Insider threats are individuals within the organization who misuse their access to cause harm. While they could potentially leak the article early or sabotage the company’s response to attacks, they are not the most likely primary threat actor in this scenario.
Therefore, the security manager should prioritize hacktivists in the threat model when preparing for potential cyberattacks resulting from the CEO’s controversial opinion article.
CompTIA Security+ 2021 SY0-601 certification exam practice question and answer (Q&A) dump with detail explanation and reference available free, helpful to pass the CompTIA Security+ 2021 SY0-601 exam and earn CompTIA Security+ 2021 SY0-601 certification.