nerdexam
Exams220-1002Questions#817
CompTIA

220-1002 · Question #817

220-1002 Question #817: Real Exam Question with Answer & Explanation

The correct answer is D: Joe's email password was compromised. The critical evidence here is that the malicious emails appear in Joe's sent items folder. Email spoofing forges the 'From' address but does not involve logging into the account-spoofed emails would not appear in Joe's sent folder. A man-in-the-middle attack intercepts communicat

Question

Joe, a user, is getting out-of-office replies from people he did not email. A technician inspects Joe's inbox and sees a sent email that appears to have come from Joe. The email contains a link to a well-known company's website, which is spelled incorrectly. Joe's sent items folder shows dozens of emails that were sent to everyone on his contact list. Which of the following is the MOST likely cause of this issue?

Options

  • AJoe was the victim of a man-in-the-middle attack
  • BJoe inadvertently triggered a mail merge
  • CJoe's email address was spoofed
  • DJoe's email password was compromised

Explanation

The critical evidence here is that the malicious emails appear in Joe's sent items folder. Email spoofing forges the 'From' address but does not involve logging into the account-spoofed emails would not appear in Joe's sent folder. A man-in-the-middle attack intercepts communication but does not result in mass emails sent to contacts. A mail merge is a deliberate user action. Because the emails are in Joe's sent folder and were delivered from his actual account to his real contact list, an attacker must have authenticated to Joe's email account-meaning his password was compromised and his account was used to send the phishing emails.

Community Discussion

No community discussion yet for this question.

Sign up to join the discussion
Full 220-1002 Practice