Digital Forensic Certification Practice Exam

What type of attack did Jack perform by manipulating client records to harm his organization's reputation?

• A. Brute-force attack
• B. Internal attack
• C. External attack
• D. Trojan horse attack

The correct answer is: Internal attack

The type of attack performed by Jack, who manipulated client records to harm his organization's reputation, is classified as an internal attack. This classification is based on the premise that the attacker is utilizing their legitimate access or knowledge about the organization and its assets to exploit vulnerabilities within their own environment. Since internal attackers often hold positions within the organization, they have insider knowledge that allows them to execute attacks more effectively. Internal attacks can lead to significant damage, especially when the attacker targets sensitive data or disrupts key operational functions, as seen in this scenario where client records are compromised. Such actions can severely impact an organization’s reputation, as they directly breach the trust placed in the company by its clients and stakeholders. The other types of attacks listed don't align as well with Jack's actions. For instance, a brute-force attack involves trying numerous combinations to gain unauthorized access, typically associated with password cracking attempts against systems rather than data manipulation. An external attack is executed by individuals or groups from outside the organization, which does not apply in this case since Jack is an insider. Lastly, a Trojan horse attack involves malicious software disguised as legitimate software, which again does not align with the act of manipulating records directly. Thus, internal attack is the most fitting term for Jack's actions