nerdexam
EC-Council

312-50V10 · Question #504

First thing you do every office day is to check your email inbox. One morning, you received an email from your best friend and the subject line is quite strange. What should you do?

The correct answer is C. Forward the message to your company's security response team and permanently delete the. A suspicious email from a known contact with an unusual subject line should be reported to the security response team and then permanently deleted to prevent potential malware execution.

Social Engineering

Question

First thing you do every office day is to check your email inbox. One morning, you received an email from your best friend and the subject line is quite strange. What should you do?

Options

  • ADelete the email and pretend nothing happened.
  • BForward the message to your supervisor and ask for her opinion on how to handle the situation.
  • CForward the message to your company's security response team and permanently delete the
  • DReply to the sender and ask them for more information about the message contents.

How the community answered

(27 responses)
  • A
    7% (2)
  • B
    4% (1)
  • C
    89% (24)

Why each option

A suspicious email from a known contact with an unusual subject line should be reported to the security response team and then permanently deleted to prevent potential malware execution.

ADelete the email and pretend nothing happened.

Deleting the email without reporting it deprives the security team of a potential threat indicator and leaves the organization unaware of a possible phishing campaign or compromised account.

BForward the message to your supervisor and ask for her opinion on how to handle the situation.

A supervisor is not trained in threat analysis; the correct escalation path for suspicious emails is the dedicated security response or SOC team, not management.

CForward the message to your company's security response team and permanently delete theCorrect

Forwarding the suspicious email to the security response team ensures trained professionals can analyze it for phishing, malware, or account compromise indicators before it can cause harm. Permanently deleting the message afterward removes the threat from your inbox and prevents accidental interaction. This follows standard security incident reporting procedures and protects both the individual and the organization.

DReply to the sender and ask them for more information about the message contents.

Replying to a suspicious email may confirm your address as active to an attacker, trigger auto-execution of malicious content, or provide a social engineering foothold.

Concept tested: Suspicious email security incident reporting procedure

Source: https://www.cisa.gov/resources-tools/resources/phishing-guidance-stopping-attack-cycle-phase-one

Topics

#phishing awareness#email security#incident reporting#social engineering response

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice