
CompTIA CS0-003 Exam - Topic 1 Question 47 Discussion

Actual exam question for CompTIA's CS0-003 exam
Question #: 47
Topic #: 1

A recent penetration test discovered that several employees were enticed to assist attackers by visiting specific websites and running downloaded files when prompted by phone calls. Which of the following would best address this issue?

Suggested Answer: A

Increasing training and awareness for all staff is the best way to address the issue of employees being enticed to assist attackers by visiting specific websites and running downloaded files when prompted by phone calls. This issue is an example of social engineering, a technique that exploits human psychology and behavior to manipulate people into performing actions or divulging information that benefits the attackers. Social engineering can take many forms, such as phishing, vishing, baiting, quid pro quo, or impersonation. The best defense against social engineering is to educate and train the staff on how to recognize and avoid common social engineering tactics, such as:

- Verifying the identity and legitimacy of the caller or sender before following their instructions or clicking on any links or attachments
- Being wary of unsolicited or unexpected requests for information or action, especially if they involve urgency, pressure, or threats
- Reporting any suspicious or anomalous activity to the security team or the appropriate authority
- Following the organization's policies and procedures on security awareness and best practices

Official Reference:

https://partners.comptia.org/docs/default-source/resources/comptia-cysa-cs0-002-exam-objectives

https://www.comptia.org/certifications/cybersecurity-analyst

https://www.comptia.org/blog/the-new-comptia-cybersecurity-analyst-your-questions-answered


Contribute your Thoughts:

Felix
2 months ago
Wait, people actually fell for that?
upvoted 0 times
...
Sherell
2 months ago
Blocking malicious sites is a must!
upvoted 0 times
...
Veronika
2 months ago
Not sure training alone will fix this.
upvoted 0 times
...
Gertude
3 months ago
Disabling apps seems too extreme, right?
upvoted 0 times
...
Paulina
3 months ago
Definitely need more training for staff.
upvoted 0 times
...
Dewitt
3 months ago
I feel like option A makes the most sense, but I wonder if we should also consider some technical controls like blocking certain downloads.
upvoted 0 times
...
Kenneth
4 months ago
I think we had a practice question about disabling scripts, but that seems too extreme. It might affect productivity.
upvoted 0 times
...
Ngoc
4 months ago
I'm not sure if just blocking websites would solve the problem. People can still be tricked into downloading files from other sources.
upvoted 0 times
...
Lindsey
4 months ago
I remember we discussed how training can really help prevent social engineering attacks like this. Maybe option A is the best choice?
upvoted 0 times
...
Major
4 months ago
Okay, I think I've got this. Increasing training for all staff is the best way to address the social engineering issue described in the question. Gotta make sure everyone is aware of the risks and how to spot those kinds of attacks.
upvoted 0 times
...
Salley
4 months ago
Disabling the ability to run downloaded apps seems a bit extreme. That could really impact productivity. I'd go with the training and awareness option - that's probably the most practical solution.
upvoted 0 times
...
Ashleigh
4 months ago
Hmm, I'm a bit unsure about this one. Blocking malicious websites and downloaded scripts could help, but that might be too restrictive. I'll need to think it through carefully.
upvoted 0 times
...
Elly
5 months ago
This seems like a straightforward question about addressing social engineering attacks. I think the best approach would be to focus on increasing employee awareness and training.
upvoted 0 times
...
Marjory
5 months ago
I see your point, Jesusita, but I still think training is more important in the long run.
upvoted 0 times
...
Jesusita
5 months ago
But wouldn't blocking all scripts downloaded from the internet be more effective?
upvoted 0 times
...
Emily
5 months ago
I agree, but Option B is also a good idea. Blocking access to those malicious websites is crucial to prevent the issue in the first place.
upvoted 0 times
Kirk
2 months ago
Disabling downloads might be too extreme. Training is better.
upvoted 0 times
...
Janna
2 months ago
True, but blocking those websites is also essential.
upvoted 0 times
...
Ira
2 months ago
I think increasing training is key. Awareness can really help.
upvoted 0 times
...
Pamella
3 months ago
Agreed, but we need both training and website blocking.
upvoted 0 times
...
...
Ashlyn
6 months ago
Option A is the way to go! Increased training and awareness will help employees be more vigilant against these types of attacks.
upvoted 0 times
Bette
5 months ago
A) Increasing training and awareness for all staff
upvoted 0 times
...
...
Jovita
6 months ago
I agree with Marjory, educating employees is key to preventing such incidents.
upvoted 0 times
...
Marjory
7 months ago
I think increasing training and awareness for all staff is the best option.
upvoted 0 times
...
