ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam SY0-701 All Questions

View all questions & answers for the SY0-701 exam
Go to Exam

Exam SY0-701 topic 1 question 259 discussion

Actual exam question from CompTIA's SY0-701
Question #: 259
Topic #: 1
[All SY0-701 Questions]

A security team has been alerted to a flood of incoming emails that have various subject lines and are addressed to multiple email inboxes. Each email contains a URL shortener link that is redirecting to a dead domain. Which of the following is the best step for the security team to take?

  • A. Create a blocklist for all subject lines.
  • B. Send the dead domain to a DNS sinkhole.
  • C. Quarantine all emails received and notify all employees.
  • D. Block the URL shortener domain in the web proxy.
Show Suggested Answer Hide Answer
Suggested Answer: B 🗳️
by RoRoRoYourBoat at Aug. 9, 2024, 12:47 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
RoRoRoYourBoat
Highly Voted 5 months ago
Selected Answer: D
D. Block the URL shortener domain in the web proxy: By blocking the URL shortener domain, the security team can prevent users from accessing potentially malicious links, even if the domain is currently dead. This proactive measure helps mitigate the risk of future attacks using the same URL shortener.
upvoted 10 times
...
laternak26
Most Recent 2 weeks, 5 days ago
Selected Answer: B
NOT D. Block the URL shortener domain in the web proxy: Blocking the URL shortener domain in the web proxy is a good idea if you suspect that the malicious URLs lead to a harmful site, but in this case, the links are redirecting to a dead domain. The malicious domain itself is no longer active, so blocking the URL shortener might not address the immediate threat. Additionally, this step doesn't prevent other similar attacks with different shorteners or domains in the future.
upvoted 4 times
...
Eracle
2 weeks, 6 days ago
Selected Answer: D
Even if the domain they redirect URLs to is currently dead, the URL could be reactivated in the future for malicious purposes.
upvoted 1 times
...
gingergroot
1 month, 1 week ago
Selected Answer: B
B. GPT
upvoted 3 times
Eracle
2 days, 5 hours ago
D. GPT in my case
upvoted 1 times
...
...
jsmthy
3 months, 2 weeks ago
Selected Answer: C
Quarantine is correct. The dead domain may not do anything, but there can be several layers of redirects. You can place the dead domain on the DNS sinkhole, but that won't prevent users from clicking the links. If you block the URL shortener, you could block legitimate traffic to that shortener.
upvoted 1 times
...
dhewa
3 months, 2 weeks ago
Selected Answer: B
Well D is an option but it might not address the root cause if the attacker switches to a different URL shortener.
upvoted 2 times
...
nyyankee718
3 months, 2 weeks ago
Selected Answer: B
URL shortener will not block everything
upvoted 3 times
...
Hayder81
4 months, 1 week ago
D. Block the URL shortener domain in the web proxy:
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago