A criminal organization is planning an attack on a government network. Which of the following scenarios presents the HIGHEST risk to the organization?
A criminal organization is planning an attack on a government network. Which of the following scenarios presents the HIGHEST risk to the organization?
The scenario that presents the highest risk to the criminal organization is losing control of their network devices. If the organization loses control of their network devices, they may be unable to coordinate or carry out the planned attack on the government network. This would compromise their operation entirely, halting their efforts and exposing them to potential detection and countermeasures by authorities. This loss of operational capability directly impacts their ability to execute their plans, making it the most severe risk they face.
ATTENTION the attacker is planning . If we consider that iy is need know the network to attack, the correct answer is D "attackers act like detectives, gathering information to truly understand their target. From examining email lists to open source information, their goal is to know the network better than the people who run and maintain it. They hone in on the security aspect of the technology, study the weaknesses, and use any vulnerability to their advantage." https://www.graylog.org/post/cyber-security-understanding-the-5-phases-of-intrusion
Answer is A Losing control of their network devices to Criminal organization is the Highest risk
A is correct
A CRIMINAL ORGANIZATION is planning an attack on a government network. Which of the following scenarios presents the HIGHEST risk to the ORGANIZATION? (To the criminals organization) - A: Will compromise the criminal organization, cannot carry out planned attack.
Why isn't D? like if attackers get Network topology, they have access to the IP ranges, Protocols being used, Ports, Operating system in use on the network including how many firewalls and switches in use.
Answer D They can get critical data that can use to other attack types
Eternal Blues... lol
It's only getting information about the network topology not the data if I understand correctly.
Guys you have to read the question again. Try to understand the question better. The organization being refered to with regard to the highest risk is the Criminal Organization not the government network. A CRIMINAL ORGANIZATION is planning an attack on a government network. Which of the following scenarios presents the HIGHEST risk to the ORGANIZATION? (To the criminals organization) - A: Will compromise the criminal organization, cannot carry out planned attack. I agree with Markrlucas
Seems B,C, and D can all be a result of A
When you know about the information in the network, it will make you leverage it and have access to the network, thereby making the organization lose control of the network. Once you know the organization's Main IP of the network is very risky, you can use it to flood traffic to gain control of the network.
It's a GOVERNMENT network! I think this is the key hint that decides whether the answer is A or D. In my opinion, A can come as a consequence of D. By gaining access to sensitive information about the network topology, criminal organization would basically know everything about the network making the attacks on the network more effective and more dangerous. So for me, it's D.
D presents the highest risk to the organization because it implies that the attacker has gained access to sensitive information about the network topology. This could enable the attacker to more effectively exploit the network by understanding its structure and vulnerabilities, which could result in more significant damage and disruption.
Reconnaissance Weaponising Delivery Installation Exploitation <--- D when knows about sensitive information Command and control <--A is at this stage Action
IF you think its NOT A.... you are not reading the question closely enough. The answer is A.
Why not B? If we consider that, we have to answer the question "What is the highest risk for the (attacking) organization?" It should be B. A is easy to solve for an attacker. "Their network devices" means their own network devices like a internet router. Not the ones in the goverment network. Just use a new internet access or hardware. But if they flood the goverment network with (unnaturally) communication traffic, they get flagged by IDS/IPS and easily detected.
The scenario that presents the highest risk to the organization is D. Attacker accesses sensitive information regarding the network topology. The network topology is the arrangement and configuration of the network devices, such as routers, switches, firewalls, servers, etc., and the connections between them, such as cables, wireless links, protocols, etc. The network topology defines how the network operates, communicates, and performs.
Agree with A.
C can be easily eliminated B could overwhelm network devices with a DDoS kind of attack and C may affect confidentiality. But, the biggest risk is losing network devices as there will be no comms and the impact will be financial and reputational. Hence, A sounds good.
Going with "A" on this one