exam questions

Exam SY0-701 All Questions

View all questions & answers for the SY0-701 exam

Exam SY0-701 topic 1 question 6 discussion

Actual exam question from CompTIA's SY0-701
Question #: 6
Topic #: 1
[All SY0-701 Questions]

Which of the following scenarios describes a possible business email compromise attack?

  • A. An employee receives a gift card request in an email that has an executive’s name in the display field of the email.
  • B. Employees who open an email attachment receive messages demanding payment in order to access files.
  • C. A service desk employee receives an email from the HR director asking for log-in credentials to a cloud administrator account.
  • D. An employee receives an email with a link to a phishing site that is designed to look like the company’s email portal.
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
lauren2wright
Highly Voted 1 year, 2 months ago
C. In a BEC attack, the attacker typically impersonates a high-ranking executive or authority figure within the organization and requests sensitive information or actions from employees. In this case, the HR director is requesting log-in credentials for a cloud administrator account, which is a classic example of BEC where the attacker seeks to gain access to privileged accounts through deception.
upvoted 29 times
TheMichael
11 months, 4 weeks ago
Answer: A. It could be C if there wasn't a better option, but a BEC is about impersonating, and in the answer choice C it doesn't specify that someone is acting as hr, whereas A is a better choice because they are clear that someone is being impersonated. Your boss requests documents all the time, they don't need to demand it. The choice is clearly A.
upvoted 13 times
Snooozey
11 months, 1 week ago
The best answer is C. The HR Director is not your boss, but someone high in your organization. They are asking for cloud administrator credentials, which has nothing to do with HR, so there is a chance that the directors email account has been compromised and the hacker is now hoping that you will just give in to their request because of the higher rank. In this situation you would follow up with the HR Director in person to determine if they actually made the request and if they really need the credentials for a legitimate reason.
upvoted 6 times
a4e15bd
11 months ago
The fact that the email has the executive's name in the display field strongly suggest impersonation which is a hallmark of BEC. Both A and C involve impersonation which is central to BEC with scenario A being a class BEC because it is specifically leveraging the executives identity to request gift card which is a common BEC tactic.
upvoted 2 times
MistyUnicorn
1 week, 5 days ago
A is FED, and c is BEC
upvoted 1 times
...
...
...
...
...
Wagone
Most Recent 5 days, 8 hours ago
Selected Answer: C
The correct answer is: C. A service desk employee receives an email from the HR director asking for log-in credentials to a cloud administrator account. Here's why: This scenario most accurately reflects a Business Email Compromise (BEC) attack, which typically involves: Impersonation of a high-level executive or trusted individual. Social engineering tactics to trick employees into transferring money, sharing sensitive information, or credentials. A focus on email-based deception, rather than malware or phishing links.
upvoted 1 times
...
MistyUnicorn
1 week, 5 days ago
Selected Answer: C
Answer A is FED, and C is BEC
upvoted 1 times
...
1chung
2 weeks, 1 day ago
Selected Answer: C
I go with C
upvoted 1 times
...
sentinell
2 weeks, 3 days ago
Selected Answer: A
A: An employee receives a gift card request in an email that has an executive’s name in the display field of the email. This is a classic Business Email Compromise (BEC) scenario. BEC attacks often involve impersonating high-level executives—like a CEO or CFO—using spoofed email addresses or display names to trick employees into sending money, gift cards, or sensitive data. These emails typically don’t contain links or attachments, which makes them harder to detect with traditional security tools.
upvoted 1 times
...
319b362
3 weeks ago
Selected Answer: A
Why A is the correct answer: This is a classic and well-documented BEC scenario. The attacker spoofs or impersonates an executive, often using display name tricks. They send a socially engineered request, like asking for gift cards or wire transfers. No links or attachments — just urgent, manipulative language. This matches the FBI’s official definition of BEC: "A scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. It is carried out by compromising legitimate business email accounts through social engineering or computer intrusion techniques."
upvoted 1 times
...
Burklton
3 weeks ago
Selected Answer: A
A is a classic BEC attack where the attacker impersonates an executive for financial gain (gift cards). C is spear-phishing that also fits within BEC, focusing on credential theft by impersonating an HR director.
upvoted 2 times
...
analog4ever
3 weeks, 1 day ago
Selected Answer: C
C is the best answer here. BEC is all about the attacker using a compromised account to conduct financial fraud or other type of scam. A is only indicating the email has the executive name in the display field and not necessarily from a compromised account.
upvoted 1 times
...
Jforged
3 weeks, 6 days ago
Selected Answer: A
The best answer is A. This scenario describes a classic Business Email Compromise (BEC) attack known as CEO fraud. In these attacks, a cybercriminal impersonates a high-ranking executive—often using a spoofed email address or just the display name—to trick an employee into taking urgent action, like buying gift cards or wiring money. Let’s quickly break down the others: - B is more indicative of a ransomware attack, where files are encrypted and payment is demanded. - C could be a phishing or credential harvesting attempt, but unless the HR director’s identity is spoofed or compromised, it doesn’t fully align with BEC. - D is a phishing attack using a fake login page, which is common but not specific to BEC.
upvoted 1 times
...
JotaJoe
4 weeks ago
Selected Answer: C
A or C coincide with BEC definition (Impersonation of High Officers or HR); A is a typical BEC, C is a sophisticated BEC.
upvoted 1 times
...
nnamo2
4 weeks, 1 day ago
Selected Answer: A
it is the only answer that has an attacker impersonating a high executive ......so A is the answer
upvoted 1 times
...
Sparky80
1 month, 2 weeks ago
Selected Answer: C
A BEC involves a fraudulent email that appears to come from a trusted executive or employee and is used to trick someone into transferring money, sensitive data, or credentials.
upvoted 1 times
...
fisher004
1 month, 3 weeks ago
Selected Answer: C
The correct answer is C. Business email compromise (BEC) is a type of cybercrime where the scammer uses email to trick someone into sending money or divulging confidential company info. The culprit poses as a trusted figure, then asks for a fake bill to be paid or for sensitive data they can use in another scam. It is a type of phishing attack that targets organizations with a view to steal money or sensitive information. Only option where a trusted entity is impersonated and a request for sensitive information is made is C.
upvoted 1 times
...
Jon_Million
2 months ago
Selected Answer: A
This scenario describes a Business Email Compromise (BEC) attack: BEC attacks typically involve impersonating a trusted figure in the organization (like a CEO or executive). The attacker spoofs the display name to make the email look legitimate. These emails often ask for urgent actions such as wiring money, sending sensitive data, or purchasing gift cards. They usually don't involve attachments or obvious malware — just social engineering.
upvoted 1 times
...
Ekim149
2 months, 1 week ago
Selected Answer: A
A Business Email Compromise (BEC) is a targeted social engineering attack where the attacker impersonates a company executive or high-level employee (like a CEO or CFO) to trick an employee—often in finance or HR—into: -Sending money (e.g., wiring funds or buying gift cards) -Disclosing sensitive information -Changing payment account details ✅ Why A is correct: The attacker spoofs the executive’s name in the “From” field, attempting to trick the employee into acting quickly without verifying the request. Gift card scams are a common variant of BEC, especially those pretending to be from executives asking assistants or finance staff to urgently buy cards.
upvoted 1 times
...
8f23125
2 months, 3 weeks ago
Selected Answer: A
Option | Scenario | Type of Attack A | Impersonates an executive asking for gift cards | ✅ BEC attack (common tactic) B | Ransom message after opening an attachment | ❌ Ransomware, not BEC C | Credential theft request from HR director | ❌ Phishing or Social Engineering, but not necessarily BEC D | Link to a fake email login portal | ❌ Phishing, not BEC
upvoted 3 times
...
eroc1990
2 months, 3 weeks ago
Selected Answer: C
For those answering A, this attack doesn't necessarily need to come from an internal address. Although it can in some cases, in quite a few cases the attack originates from a freemail user that changed their display name to match the display name of a C level or other executive. Option C is the only one (as of April 18, 2025) that could originate from inside the organization that fits the bill.
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
Loading ...