Which of the following should be done to prevent this scenario from occurring again in the future?

A computer on a company network was infected with a zero-day exploit after an employee accidentally
opened an email that contained malicious content. The employee recognized the email as malicious and
was attempting to delete it, but accidentally opened it. Which of the following should be done to prevent
this scenario from occurring again in the future?


A. Install host-based firewalls on all computers that have an email client installed

B. Set the email program default to open messages in plain text

C. Install end-point protection on all computers that access web email

D. Create new email spam filters to delete all messages from that sender





thompson69


The scenario says nothing about web mail being involved.

You would update the spam protection rules either via a software update or create the rule locally.

Jason Stevens


Passed Security+ SY0-401 exam a few days ago! Scored 815/900, the passing score is 750/900 now!

Got 75 questions with 2 performance based at the beginning! About 4 SIMs.

2 questions about Security Assertions Markup Language SAML and 1 question about Containers.

Configure Firewall with 4 ACL and match multifactor authentication.

Select the appropriate attack type for each scenario such as spear phishing, whaling, vishing, phishing, and hoax.

I learned Darril Gibson’s book and CBT Nuggets study materials, and practised PassLeader SY0-401 dumps: http://www.passleader.com/sy0-401.html (1867q VCE and PDF dumps).

Lake


I think choice D is the most simple and straightforward solution. I agree with thompson69 that the question did not mention that it is web mail. In fact, over 90% of computers on a company network are NOT using web mail. They use web mail only at home. Choice C is MOST likely NOT the BEST answer. My final answer is D.

Black


It’s B.

“Unfortunately, many email clients that render email as HTML allow JavaScript to execute when the document is loaded, so even the simple act of selecting an email with an open preview pane may be enough to cause serious damage.

Even without scripting, email can make use of advanced HTML and CSS techniques to overlay links on parts of the document that don’t look like links so that an accidental click anywhere might send you to a web site in your browser that has the malicious scripts there.”

Benefits of plain text email

1. Plain text email doesn’t support images, so you can’t be tracked by the email senders

2. Plain text email lets you see the links you’re clicking so you can tell if you’re clicking on a link that goes to capitalone.com or one that sends you to capitalone.evilsender.com.ru

3. Plain text email doesn’t support scripting so your email doesn’t try to perform actions on your computer

4. Plain text email is easier and faster to read

http://www.auctioneertech.com/2009/reading-plain-text-email-is-safer-and-faster-and-preserves-privacy/
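The scripting and link-visibility points in the comment above, shown as an added example that is not part of the original comment: a plain-text renderer that drops script content, writes each link's real target next to its label, and flags labels that name a different domain. The function names, the sample message and its `/login` path are constructed for illustration.

```python
import re
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlparse
DOMAIN = re.compile(r"(?:[a-z0-9-]+\.)+[a-z]{2,}", re.I)
# Constructed sample message; the two hostnames are the ones quoted above.
SAMPLE = ("Content-Type: text/html\n\n<script>document.title = 'in-mail script';</script>\n"
          '<p>Verify at <a href="http://capitalone.evilsender.com.ru/login">capitalone.com</a> today.</p>\n')

class PlainTextRenderer(HTMLParser):  # drops scripts, prints each link's target
    def __init__(self):
        super().__init__()
        self.out, self.warnings = [], []
        self._href, self._label, self._skip = None, [], 0

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style"):
            self._skip += 1
        elif tag == "a":
            self._href, self._label = dict(attrs).get("href") or "", []

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self._skip:
            self._skip -= 1
        elif tag == "a" and self._href is not None:
            label = "".join(self._label).strip()
            self.out.append(f"{label} <{self._href}>")
            host = (urlparse(self._href).hostname or "").lower()
            shown = (DOMAIN.search(label) or [""])[0].lower()
            # Label names one domain, href goes elsewhere (subdomains allowed).
            if shown and host != shown and not host.endswith("." + shown):
                self.warnings.append(f"label shows {shown} but link goes to {host}")
            self._href = None

    def handle_data(self, data):
        if not self._skip:
            (self._label if self._href is not None else self.out).append(data)

def render_as_plain_text(raw_message):
    """Return (text, warnings), preferring a text/plain part when one exists."""
    msg = message_from_string(raw_message, policy=policy.default)
    plain = msg.get_body(preferencelist=("plain",))
    if plain is not None:
        return plain.get_content().strip(), []
    html = msg.get_body(preferencelist=("html",))
    renderer = PlainTextRenderer()
    renderer.feed(html.get_content() if html is not None else "")
    renderer.close()
    return " ".join("".join(renderer.out).split()), renderer.warnings
```
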

Clindamycin


Agree. Cannot be D cuz if we get another zero-day from another source, we are screwed up again. So opening in plain text is better because the code cannot be executed.

Sol Forghani


I agree with Black. What if the message is coming from a different sender? What good would spam filters that delete all messages from that sender do? The question is also talking about a zero-day, so end-point protection won’t do any good either, because the endpoint won’t understand the attack.