CompTIA

CAS-002 · Question #556

CAS-002 Question #556: Real Exam Question with Answer & Explanation

The correct answer is B: Malware infection. Using social networking sites for business communications introduces malware, phishing, and social engineering risks because public posts expose company and employee information to adversaries.

Question

A company is evaluating a new marketing strategy involving the use of social networking sites to reach its customers. The marketing director wants to be able to report important company news, product updates, and special promotions on the social websites. After an initial and successful pilot period, other departments want to use the social websites to post their updates as well. The Chief Information Officer (CIO) has asked the company security administrator to document three negative security impacts of allowing IT staff to post work-related information on such websites. Which of the following are the major risks the security administrator should report back to the CIO? (Select THREE).

Options

  • A. Brute force attacks
  • B. Malware infection
  • C. DDOS attacks
  • D. Phishing attacks
  • E. SQL injection attacks
  • F. Social engineering attacks

Explanation

Using social networking sites for business communications introduces malware, phishing, and social engineering risks because public posts expose company and employee information to adversaries.

Common mistakes.

  • A. Brute force attacks target authentication systems directly and are not a risk introduced specifically by employees posting on social networking sites.
  • C. DDoS attacks are infrastructure-level volumetric attacks that are not caused or enabled by a company's social media posting activity.
  • E. SQL injection is a web application input-validation vulnerability that is unrelated to the act of posting information on social networking platforms.

Concept tested. Social media security risks - malware, phishing, social engineering

Reference. https://www.cisa.gov/sites/default/files/publications/Social_Media_Cybersecurity_Tip_Sheet_Final.pdf
