While updating the security awareness training, a security analyst wants to address issues created if vendors' email accounts are compromised. Which of the following recommendations should the security analyst include in the training?
A.
Refrain from clicking on images included in emails from new vendors
B.
Delete emails from unknown service provider partners.
C.
Require that invoices be sent as attachments
D.
Be alert to unexpected requests from familiar email addresses
D. Be alert to unexpected requests from familiar email addresses
Explanation:
Compromised email accounts are a common attack vector. If a vendor's email account is compromised, attackers may use it to send legitimate-looking, but malicious, emails. Employees should be trained to recognize unexpected requests from familiar email addresses, as this could indicate that an email is fraudulent or part of a phishing attack.
why not A:
A. Refrain from clicking on images included in emails from new vendors: While this is good advice, it is more specific to a single type of attack (e.g., image-based phishing) and may not address the broader issue of compromised accounts.
upvoted 2 times
...
Log in to ExamTopics
Sign in:
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.
Upvoting a comment with a selected answer will also increase the vote count towards that answer by one.
So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.
test_arrow
1 day, 13 hours ago