Skillset can help you prepare! Sign up for your free Skillset account and take the first steps towards your certification.
Toriel is an IT security consultant, specializing in social engineering and external penetration tests. Toriel has been hired on by Goat Defender Inc., a subcontractor for the US Department of Defense. Toriel has been given authority to perform any and all tests necessary to audit the company's network security.
No employees for the company, other than the IT director, know about Toriel's work she will be doing. Toriel's first step is to obtain a list of employees through company website contact pages. Then she befriends a female employee of the company through an online chat website. After meeting with the female employee numerous times, Toriel is able to gain her trust and they become friends. One day, Toriel steals the employee's access badge and uses it to gain unauthorized access to the Goat Defender Inc. offices.
What type of threat would Toriel be considered?
She would be considered an Insider Affiliate
Because she does not have any legal access herself, Toriel would be considered an Outside Affiliate
Since Toriel obtained access with a legitimate company badge; she would be considered a Pure Insider
Toriel is an Insider Associate since she has befriended an actual employee
An insider affiliate is a spouse, child, friend or client of an employee who uses an employee’s credentials to gain access. This can be as simple as a client coming to visit an employee and obtaining a badge that gives that person access to the facility. If the person goes to use the rest room and on the way wanders around looking at what is on people’s desks or computers, he/she could glean some sensitive information. << please provide clarification how this is not an outsider? The method used was to become an insider affiliate but the overall attack was initially that of an outsider.
Train with Skillset and pass your certification exam. Faster. Guaranteed.
Study thousands of practice questions that organized by skills and ranked by difficulty.
Create a tailored training plan based on the knowledge you already possess.
Know when you’re ready for the high-stakes exam. Have the confidence that you will pass on your first attempt.