
CAS-003 Question #482: Real Exam Question with Answer & Explanation

The correct answer is B: Security awareness training.

Question

A security administrator is concerned about the increasing number of users who click on malicious links contained within phishing emails. Although the company has implemented a process to block these links at the network perimeter, many accounts are still becoming compromised. Which of the following should be implemented to further reduce the number of account compromises caused by remote users who click these links?

Options

  • A. Anti-spam gateways
  • B. Security awareness training
  • C. URL rewriting
  • D. Internal phishing campaign

Explanation

The scenario explicitly states that remote users are bypassing the network perimeter controls (which are already in place). Because remote users are off-network, perimeter-based technical controls like URL filtering and anti-spam gateways cannot protect them at the moment of click. Security awareness training (B) is a people-layer control that works regardless of the user's location; it teaches employees to recognize phishing attempts before clicking. Anti-spam gateways (A) are already implied by the perimeter controls mentioned and do not help remote users. URL rewriting (C) rewrites links inside emails to route through a proxy, which can help, but it is a perimeter/mail gateway control that may not apply to already-delivered emails accessed remotely. Internal phishing campaigns (D) are a component of awareness training, not a standalone solution.
