nerdexam
EC-Council

312-50V10 · Question #717

When you return to your desk after a lunch break, you notice a strange email in your inbox. The sender is someone you did business with recently, but the subject line has strange characters in it. Wha

The correct answer is A. Forward the message to your company's security response team and permanently delete the. A suspicious email with strange characters from a known sender should be reported to the security response team and permanently deleted, not replied to or ignored.

Social Engineering

Question

When you return to your desk after a lunch break, you notice a strange email in your inbox. The sender is someone you did business with recently, but the subject line has strange characters in it. What should you do?

Options

  • AForward the message to your company's security response team and permanently delete the
  • BReply to the sender and ask them for more information about the message contents.
  • CDelete the email and pretend nothing happened.
  • DForward the message to your supervisor and ask for her opinion on how to handle the situation.

How the community answered

(19 responses)
  • A
    89% (17)
  • C
    5% (1)
  • D
    5% (1)

Why each option

A suspicious email with strange characters from a known sender should be reported to the security response team and permanently deleted, not replied to or ignored.

AForward the message to your company's security response team and permanently delete theCorrect

Forwarding the suspicious email to the security response team ensures trained professionals can analyze it for phishing, malware, or social engineering without putting the organization at further risk. Permanently deleting it afterward prevents accidental interaction while maintaining the security team's copy for investigation.

BReply to the sender and ask them for more information about the message contents.

Replying to the sender could confirm your email address as active to an attacker, trigger a malicious auto-response, or further expose you to a social engineering attempt.

CDelete the email and pretend nothing happened.

Deleting the email without reporting it deprives the security team of a potentially important threat indicator and violates standard incident reporting procedures.

DForward the message to your supervisor and ask for her opinion on how to handle the situation.

A supervisor is not the appropriate first contact for a potential security incident - the security response team has the tools and authority to properly investigate and contain a threat.

Concept tested: Phishing email incident response procedure

Source: https://www.cisa.gov/secure-our-world/recognize-and-report-phishing

Topics

#phishing#incident response#email security#suspicious email

Community Discussion

No community discussion yet for this question.

Full 312-50V10 Practice