A user clicked an email link that led to a website than infected the
workstation with a virus. The virus encrypted all the network shares to which the user had access. The virus was not deleted or blocked by the company-s email filter, website filter, or antivirus. Which of the following describes what occurred?
A. The use
r-s account was over-privileged.
B. Improper error handling triggered a false negative in all three controls.
C. The email originated from a private email server with no malware protection.
D. The virus was a zero-day attack.