nerdexam
CompTIA

SY0-301 · Question #264

A user has received an email from an external source which asks for details on the company's new product line set for release in one month. The user has a detailed spec sheet but it is marked "Interna

The correct answer is B. Contact the help desk and/or incident response team to determine next steps. When a user receives a suspicious external request targeting information marked as 'Internal Proprietary,' this is a potential social engineering or corporate espionage attempt and should be treated as a security incident. The correct action is to escalate to the help desk or inc

Security operations

Question

A user has received an email from an external source which asks for details on the company's new product line set for release in one month. The user has a detailed spec sheet but it is marked "Internal Proprietary Information". Which of the following should the user do NEXT?

Options

  • AContact their manager and request guidance on how to best move forward
  • BContact the help desk and/or incident response team to determine next steps
  • CProvide the requestor with the email information since it will be released soon anyway
  • DReply back to the requestor to gain their contact information and call them

How the community answered

(36 responses)
  • B
    94% (34)
  • C
    3% (1)
  • D
    3% (1)

Explanation

When a user receives a suspicious external request targeting information marked as 'Internal Proprietary,' this is a potential social engineering or corporate espionage attempt and should be treated as a security incident. The correct action is to escalate to the help desk or incident response team, who can investigate the request, determine if it is malicious, and advise accordingly. Contacting a manager (A) is reasonable but the IR/help desk is the proper security escalation path. Providing the information (C) is wrong regardless of imminent release - unauthorized disclosure of proprietary data violates policy. Replying to gather contact info (D) could expose the user to further social engineering.

Topics

#data classification#incident response#information handling#social engineering

Community Discussion

No community discussion yet for this question.

Full SY0-301 Practice