(ISC)2 Certified in Cybersecurity Practice Exam

Which term describes an entity with authorized access that can harm an information system?

• A. External Threat
• B. Insider Threat
• C. Malicious Actor
• D. Compromised User

The correct answer is: Insider Threat

The term describing an entity with authorized access that can harm an information system is "Insider Threat." Insider threats involve individuals who have legitimate access to an organization's resources, such as employees, contractors, or business partners, and may intentionally or unintentionally engage in harmful activities. These threats can pose significant risks because insiders are often familiar with the organization's security protocols, systems, and sensitive data, allowing them to exploit their access to carry out malicious actions, like data theft or system sabotage. Understanding insider threats is crucial in cybersecurity, as organizations must develop strategies to mitigate this risk through access controls, employee training, and monitoring of user activity to ensure that authorized access is not misused. Other terms, while relevant in the context of cybersecurity, do not specifically capture the essence of having authorized access to harm the system. For instance, external threats typically refer to individuals or groups outside the organization attempting to gain unauthorized access, and malicious actors can refer to any individuals with harmful intent, regardless of their access level. A compromised user refers to a legitimate user who has had their credentials hijacked or misused but does not necessarily imply that the user is acting maliciously themselves.