Exam SY0-701 topic 1 question 524 discussion

Actual exam question from CompTIA's SY0-701
Question #: 524
Topic #: 1

A security report shows that during a two-week test period, 80% of employees unwittingly disclosed their SSO credentials when accessing an external website. The organization purposely created the website to simulate a cost-free password complexity test. Which of the following would best help reduce the number of visits to similar websites in the future?

  • A. Block all outbound traffic from the intranet.
  • B. Introduce a campaign to recognize phishing attempts.
  • C. Restrict internet access for the employees who disclosed credentials.
  • D. Implement a deny list of websites.
Suggested Answer: B

Comments

Zeez3377
3 weeks, 1 day ago
Selected Answer: B
I won't lie, I'm confused. CompTIA's definition of phishing is a form of social engineering that involves communication via email, phone or text requesting a user take action, such as navigating to a fake website. On one hand, I think how did the employees know about the website in the first place? Probably an email. And the question asks how to REDUCE the number of visits. This makes me think a campaign just because it isn't asking to outright eliminate the amount of visits like a deny list would. On the other, my first reaction was a deny list just due to the lack of the word "email" in the question.
upvoted 1 times
Konversation
1 month, 1 week ago
Selected Answer: B
CompTIA expects, for similar questions, that "user training" is the best solution against phishing or similar activities. That's why I tend slightly to B over D.
upvoted 2 times
itsgonnabemay
1 month, 3 weeks ago
Selected Answer: D
The question says that the employees disclosed credentials when visiting an external website, not necessarily through email (phishing). To prevent employees from visiting similar websites, it'd be best to implement a deny list of similar websites.
upvoted 2 times
9149f41
3 months, 1 week ago
Selected Answer: B
The company delivered a fake honeypot internal website to catch the staff who disbursed the SSO. So the activities are relevant to phishing.
upvoted 1 times
Community vote distribution
A (35%)
C (25%)
B (20%)
Other