Which term describes a situation in which a legitimate device is used without the owner's consent to perform malicious activities?

The term that accurately describes a situation where a legitimate device is used without the owner's consent to perform malicious activities is best referred to as a "Zombie Device."

A Zombie Device refers to a computer or other connected device that has been compromised and is being controlled by an attacker without the owner’s knowledge or agreement. This situation typically occurs when malware infects the device, enabling the attacker to utilize its resources for malicious tasks, such as participating in distributed denial-of-service (DDoS) attacks, sending spam emails, or conducting unauthorized access to networks and data.

The other terms given in the choices have distinct meanings. An Insider Threat involves individuals within an organization who may misuse their access to information and systems. Unauthorized Access refers to situations where someone gains access to a device or network without permission, but this does not specifically denote the use of a legitimate device. Social Engineering involves tactics used by attackers to manipulate people into divulging confidential information, rather than directly compromising a device.

Therefore, the concept of a Zombie Device best captures the scenario of a legitimate device being hijacked for malicious purposes.