Shayla is an IT security consultant, specializing in social engineering and external penetration tests. Shayla has been hired on by Treks Avionics, a subcontractor for the Department of Defense. Shayla has been given authority to perform any and all tests necessary to audit the company’s network security.
No employees for the company, other than the IT director, know about Shayla’s work she will be doing. Shayla’s first step is to obtain a list of employees through company website contact pages. Then she befriends a female employee of the company through an online chat website. After meeting with the female employee numerous times, Shayla is able to gain her trust and they become friends. One day, Shayla steals the employee’s access badge and uses it to gain unauthorized access to the Treks Avionics offices.
What type of insider threat would Shayla be considered?
A . She would be considered an Insider Affiliate
B . Because she does not have any legal access herself, Shayla would be considered an Outside Affiliate
C . Shayla is an Insider Associate since she has befriended an actual employee
D . Since Shayla obtained access with a legitimate company badge; she would be considered a Pure Insider
Answer: A
Leave a Reply