CompTIA Security+ SY0-701 Practice Question
As the security analyst for a financial institution, you uncover evidence of repeated access attempts on a user account during off-hours. Your investigation identifies that the attempts originate from a geographical location not sanctioned for any business operations. Which category of threat actor does this situation suggest is most likely involved?
A novice individual testing their ability to infiltrate a network without malicious intent
An internal staff member attempting to access the network remotely with misconfigured settings
A threat actor external to the organization using targeted measures to compromise systems
A case of shadow IT where individuals within the organization are using unapproved external services