CompTIA CySA+ (CS0-002) — Question 173

An email analysis system notifies a security analyst that the following message was quarantined and requires further review.

From:[email protected]
To:[email protected]
Subject: [EXTERNAL] Gift card purchase ASAP
Body:

Please purchase gift cards to any major electronics store and reply with pictures of them to this email!

Which of the following actions should the security analyst take?

Answer options

• A. Release the email for delivery due to its importance.
• B. Immediately contact a purchasing agent to expedite.
• C. Delete the email and block the sender.
• D. Purchase the gift cards and submit an expense report

Correct answer: C

Explanation

The correct answer is C because the email exhibits characteristics of a phishing attempt, urging the recipient to perform potentially fraudulent actions. Releasing the email (A), contacting a purchasing agent (B), or buying gift cards (D) could expose the organization to financial risk or compromise security.