SY0-501 · Question #529
SY0-501 Question #529: Real Exam Question with Answer & Explanation
The correct answer is A: Policy violation. The data breach most likely occurred because Joe violated company policy by sending confidential emails over an unsecure public Wi-Fi network without a VPN, leading to the interception of communications.
Question
Joe, a salesman, was assigned to a new project that requires him to travel to a client site. While waiting for a flight, Joe decides to connect to the airport wireless network without connecting to a VPN, and then sends confidential emails to fellow colleagues. A few days later, the company experiences a data breach. Upon investigation, the company learns Joe's emails were intercepted. Which of the following MOST likely caused the data breach?
Options
- APolicy violation
- BSocial engineering
- CInsider threat
- DZero--day attack
Explanation
The data breach most likely occurred because Joe violated company policy by sending confidential emails over an unsecure public Wi-Fi network without a VPN, leading to the interception of communications.
Common mistakes.
- B. Social engineering involves psychological manipulation to trick individuals into divulging information or performing actions, which is not what occurred as Joe intentionally chose to use an unsecure connection.
- C. While Joe is an insider, the scenario describes negligence leading to interception via an unsecure connection, rather than a malicious misuse of internal access or privileges, making policy violation a more precise cause.
- D. A zero-day attack exploits a previously unknown software vulnerability, which is not indicated by the interception of emails over an unsecure public Wi-Fi network.
Concept tested. Security Policy Adherence and Secure Communication Practices
Reference. https://learn.microsoft.com/en-us/compliance/regulatory/security-and-compliance-overview
Community Discussion
No community discussion yet for this question.