SY0-501 Question #458: Real Exam Question with Answer & Explanation
The correct answer is C: Block access to personal email on corporate systems.
Question
A company has noticed multiple instances of proprietary information on public websites. It has also observed an increase in the number of email messages sent to random employees containing malicious links and PDFs. Which of the following changes should the company make to reduce the risks associated with phishing attacks? (Select TWO)
Options
- A. Install an additional firewall
- B. Implement a redundant email server
- C. Block access to personal email on corporate systems
- D. Update the X.509 certificates on the corporate email server
- E. Update corporate policy to prohibit access to social media websites
- F. Review access violations on the file server
Explanation
This question tests the ability to identify administrative and technical controls that reduce phishing attack surface. The correct answers address two key vectors: corporate systems being used to access personal email and social media exposure that enables spear-phishing reconnaissance.
Common mistakes.
- A. An additional firewall addresses network perimeter security but does not specifically mitigate phishing attacks, which rely on user interaction with malicious content rather than direct network intrusion.
- B. A redundant email server improves availability and fault tolerance but does nothing to filter or reduce malicious emails reaching employees, making it irrelevant to phishing risk reduction.
- D. Updating X.509 certificates on the corporate email server relates to email encryption and authentication integrity, but does not prevent employees from receiving or clicking on phishing emails.
- F. Reviewing file server access violations is a detective control useful for identifying a breach after it occurs, but it does not proactively reduce the risk of employees falling victim to phishing attacks.
Concept tested. Reducing phishing attack surface through policy controls
Reference. https://learn.microsoft.com/en-us/security/operations/incident-response-playbook-phishing