Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CompTIA Exam SY0-701 Topic 5 Question 16 Discussion

Actual exam question for CompTIA's SY0-701 exam
Question #: 16
Topic #: 5
[All SY0-701 Questions]

A security analyst and the management team are reviewing the organizational performance of a recent phishing campaign. The user click-through rate exceeded the acceptable risk threshold, and the management team wants to reduce the impact when a user clicks on a link in a phishing message. Which of the following should the analyst do?

Show Suggested Answer Hide Answer
Suggested Answer: D

Risk threshold is the maximum amount of risk that an organization is willing to accept for a given activity or decision. It is also known as risk appetite or risk tolerance. Risk threshold helps an organization to prioritize and allocate resources for risk management. Risk indicator, risk level, and risk score are different ways of measuring or expressing the likelihood and impact of a risk, but they do not describe the maximum allowance of accepted risk.Reference:CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 34;Accepting Risk: Definition, How It Works, and Alternatives


by Jacki at Jun 01, 2024, 10:32 PM

Limited Time Offer

25%

Off

Get Premium SY0-701 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Desirae
15 days ago
I'd like to see the analyst implement a two-factor authentication system. That way, even if someone clicks on a phishing link, they can't actually access sensitive information without an additional security step. Just a thought!
upvoted 0 times
...
Chantell
21 days ago
A) Putting up posters might be a good way to raise awareness, but it's not going to have a significant impact on reducing the click-through rate. This is like trying to put a band-aid on a gaping wound.
upvoted 0 times
...
Aja
23 days ago
I think C) Updating the EDR policies is a good idea, but it's more of a secondary measure. Blocking automatic execution of downloaded programs is important, but it won't stop the phishing emails from reaching the users in the first place.
upvoted 0 times
...
Ty
27 days ago
D) Creating additional training for users is a great idea, but it shouldn't be the only step. Combining user education with technical controls like email filtering is the most effective approach.
upvoted 0 times
Lavera
4 days ago
B: I agree, we should implement email security filters to help prevent those emails from getting through.
upvoted 0 times
...
Tish
16 days ago
A: We need to do something about this high click-through rate on phishing emails.
upvoted 0 times
...
...
Tu
1 months ago
B) Implementing email security filters is the best way to prevent phishing emails from being delivered in the first place. Relying on user awareness alone is not enough to protect against sophisticated phishing attacks.
upvoted 0 times
Barrett
4 days ago
C: Updating the EDR policies to block automatic execution of downloaded programs could also help in reducing the impact of phishing attacks.
upvoted 0 times
...
Silva
10 days ago
B: Agreed, that would be a more proactive approach to protecting our organization.
upvoted 0 times
...
Tamar
24 days ago
A: We should definitely implement email security filters to prevent phishing emails from getting through.
upvoted 0 times
...
...
Mariann
2 months ago
I believe option D is also important. Providing additional training for users can help them recognize phishing attempts and avoid clicking on malicious links.
upvoted 0 times
...
Patria
2 months ago
I agree with Marge. Email security filters are a proactive measure to reduce the risk of users clicking on phishing links.
upvoted 0 times
...
Marge
2 months ago
I think we should go with option B. Implementing email security filters can help prevent phishing emails from reaching our employees.
upvoted 0 times
...

Save Cancel