The XYZ company was attacked by an entity who was authorized to access system resources but who used them in a way not approved by those who granted the authorization. This is an example of:

A.
An active attack

B.
An outside attack

C.
An inside attack

D.
A passive attack

Explanation:
An inside attack is initiated by an entity inside the security
perimeter who is authorized to access system resources but uses them in a way not
approved by those who granted the authorization. An outside attack is initiated from
outside the perimeter by an unauthorized or illegitimate user of the system. An
active attack attempts to alter system resources to affect their operation. A
passive attack attempts to learn or make use of the information from the system but
does not affect system resources.