Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

CompTIA Exam SY0-701 Topic 5 Question 16 Discussion

Actual exam question for CompTIA's SY0-701 exam
Question #: 16
Topic #: 5
[All SY0-701 Questions]

A security analyst and the management team are reviewing the organizational performance of a recent phishing campaign. The user click-through rate exceeded the acceptable risk threshold, and the management team wants to reduce the impact when a user clicks on a link in a phishing message. Which of the following should the analyst do?

Show Suggested Answer Hide Answer
Suggested Answer: D

Risk threshold is the maximum amount of risk that an organization is willing to accept for a given activity or decision. It is also known as risk appetite or risk tolerance. Risk threshold helps an organization to prioritize and allocate resources for risk management. Risk indicator, risk level, and risk score are different ways of measuring or expressing the likelihood and impact of a risk, but they do not describe the maximum allowance of accepted risk.Reference:CompTIA Security+ Study Guide: Exam SY0-701, 9th Edition, page 34;Accepting Risk: Definition, How It Works, and Alternatives


by Jacki at Jun 01, 2024, 10:32 PM

Limited Time Offer

25%

Off

Get Premium SY0-701 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Desirae
2 months ago
I'd like to see the analyst implement a two-factor authentication system. That way, even if someone clicks on a phishing link, they can't actually access sensitive information without an additional security step. Just a thought!
upvoted 0 times
Shawna
27 days ago
D: Let's bring this up to the management team as a potential solution.
upvoted 0 times
...
Alishia
1 months ago
C: I agree, it would help mitigate the risk of unauthorized access.
upvoted 0 times
...
Jina
1 months ago
B: That's a great idea! It would add an extra layer of security for our users.
upvoted 0 times
...
Cathern
1 months ago
A: We should definitely consider implementing a two-factor authentication system.
upvoted 0 times
...
...
Chantell
2 months ago
A) Putting up posters might be a good way to raise awareness, but it's not going to have a significant impact on reducing the click-through rate. This is like trying to put a band-aid on a gaping wound.
upvoted 0 times
...
Aja
2 months ago
I think C) Updating the EDR policies is a good idea, but it's more of a secondary measure. Blocking automatic execution of downloaded programs is important, but it won't stop the phishing emails from reaching the users in the first place.
upvoted 0 times
Jenelle
27 days ago
A: And then we can also consider updating the EDR policies as a secondary measure to block automatic execution of downloaded programs.
upvoted 0 times
...
Naomi
1 months ago
B: I agree, that way we can stop the phishing emails from even reaching the users' inboxes.
upvoted 0 times
...
Cordie
1 months ago
A: We should definitely go with B) Implement email security filters to prevent phishing emails from being delivered.
upvoted 0 times
...
...
Ty
2 months ago
D) Creating additional training for users is a great idea, but it shouldn't be the only step. Combining user education with technical controls like email filtering is the most effective approach.
upvoted 0 times
Cheryll
1 months ago
C: That's a good start, but we should also update our EDR policies to block automatic execution of downloaded programs.
upvoted 0 times
...
Lavera
2 months ago
B: I agree, we should implement email security filters to help prevent those emails from getting through.
upvoted 0 times
...
Tish
2 months ago
A: We need to do something about this high click-through rate on phishing emails.
upvoted 0 times
...
...
Tu
3 months ago
B) Implementing email security filters is the best way to prevent phishing emails from being delivered in the first place. Relying on user awareness alone is not enough to protect against sophisticated phishing attacks.
upvoted 0 times
Barrett
2 months ago
C: Updating the EDR policies to block automatic execution of downloaded programs could also help in reducing the impact of phishing attacks.
upvoted 0 times
...
Silva
2 months ago
B: Agreed, that would be a more proactive approach to protecting our organization.
upvoted 0 times
...
Tamar
2 months ago
A: We should definitely implement email security filters to prevent phishing emails from getting through.
upvoted 0 times
...
...
Mariann
3 months ago
I believe option D is also important. Providing additional training for users can help them recognize phishing attempts and avoid clicking on malicious links.
upvoted 0 times
...
Patria
3 months ago
I agree with Marge. Email security filters are a proactive measure to reduce the risk of users clicking on phishing links.
upvoted 0 times
...
Marge
4 months ago
I think we should go with option B. Implementing email security filters can help prevent phishing emails from reaching our employees.
upvoted 0 times
...

Save Cancel