ExamGecko
Question list
Search
Search

List of questions

Search

Related questions











Question 171 - CS0-003 discussion

Report
Export

A payroll department employee was the target of a phishing attack in which an attacker impersonated a department director and requested that direct deposit information be updated to a new account. Afterward, a deposit was made into the unauthorized account. Which of the following is one of the first actions the incident response team should take when they receive notification of the attack?

A.
Scan the employee's computer with virus and malware tools.
Answers
A.
Scan the employee's computer with virus and malware tools.
B.
Review the actions taken by the employee and the email related to the event
Answers
B.
Review the actions taken by the employee and the email related to the event
C.
Contact human resources and recommend the termination of the employee.
Answers
C.
Contact human resources and recommend the termination of the employee.
D.
Assign security awareness training to the employee involved in the incident.
Answers
D.
Assign security awareness training to the employee involved in the incident.
Suggested answer: B

Explanation:

In case of a phishing attack, it's crucial to review what actions were taken by the employee and analyze the phishing email to understand its nature and impact.

Reference:CompTIA CySA+ Study Guide: Exam CS0-003, 3rd Edition, Chapter 6, page 246;CompTIA CySA+ CS0-003 Certification Study Guide, Chapter 6, page 255.

asked 02/10/2024
Lakshmi Yechuri
40 questions
User
Your answer:
0 comments
Sorted by

Leave a comment first