A zero-day exploit is a cyberattack that takes advantage of an unknown vulnerability in software, firmware, or hardware before a patch is available.
Key characteristics of a zero-day exploit:
The system was up-to-date on all patches and updates, meaning no known vulnerabilities should have been present.
The antivirus did not detect any malicious code, which suggests that the attack exploited an unknown flaw.
The worker did not engage in any behavior that introduced malware, ruling out traditional malware delivery methods.
Since zero-day exploits target vulnerabilities that have not yet been discovered or fixed, the attack likely bypassed existing security defenses.
Why Not the Other Options?
A. Blended Threat: A combination of multiple attack methods (e.g., worms, Trojans, and phishing), but the scenario suggests a single point of failure.
B. Trojan Horse: Requires the worker to unknowingly install malicious software, which was not the case here.
C. Spear Phishing: Involves a targeted deceptive email, but there is no indication that the worker clicked on a fraudulent link or downloaded a malicious file.
Thus, the correct answer is D. Zero-day exploit, as it best explains the system compromise despite all security measures being up to date.