Joe, a user, reports that several of his colleagues have received a suspicious email from his account that he did not send. A technician asks one of the colleagues to forward the email for inspection. After ruling out spoofing, the technician verifies the email originated from the corporate email server.
Which of the following is the FIRST step the technician should take to correct this issue?
A. See if Joe’s email address has been blacklisted
B. Change the password on Joe’s email account
C. Update the antivirus and perform a full scan on the PC
D. Isolate Joe’s computer from the network
CompTIA A+ 220-1102 (Core 1) ExamFULL Printable PDF and Software. VALID exam to help you PASS. |
 |
If D is the right answer it would be because you are starting the malware removal process and malware has hijacked his email.
ruled out spoofing
B. Change the password on Joe’s email account – that will stop hackers from successfully accessing Joe’s account
Not D — The Question says ” the technician verifies the email originated from the corporate email server” – that means that the email did not originate from Joe’s computer. So why isolate Joe’s computer if it isn’t the source?
that is also from DION cram test