A user clicked an email link that led to a website than infected the workstation with a virus. The virus encrypted all the network shares to which the user had access. The virus was not deleted or blocked by the company’s email filter, website filter, or antivirus. Which of the following describes what occurred?
A.
The user’s account was over-privileged.
B.
Improper error handling triggered a false negative in all three controls.
C.
The email originated from a private email server with no malware protection.
D.
The virus was a zero-day attack.
Its D
10
0
The answer should be D. There is no way to know if the user should have had access to all those locations or not, so no way to know if he or she was over-privileged. We do know that none of the software designed to detect a virus was triggered, so that suggests that it could be a zero-day attack.
12
0
D. coz it bypassed all 3 filters
7
0
It is absolutely and unequivocally D
8
0