اختبار شهادة محلل الأمن السيبراني CompTIA CySA+

A security analyst notices multiple attempts of the same exploit being made on the perimeter network. The behavioral patterns indicate that a TCP SYN flood attack has been initiated, followed by a port scan of the company's public IP range. No other attacks are being performed from the actor's source IP address. All of the SYN flood attempts were thwarted by the firewall's stateful packet inspection engine. Which of the following is the most likely type of threat actor in this scenario?