CompTIA Security+ (SY0-501) — Question 470

Joe, a salesman, was assigned to a new project that requires him to travel to a client site. While waiting for a flight, Joe, decides to connect to the airport wireless network without connecting to a VPN, and the sends confidential emails to fellow colleagues. A few days later, the company experiences a data breach. Upon investigation, the company learns Joe's emails were intercepted. Which of the following MOST likely caused the data breach?

Answer options

• A. Policy violation
• B. Social engineering
• C. Insider threat
• D. Zero-day attack

Correct answer: A

Explanation

The correct answer is A, as Joe violated company policies by using an unsecured public Wi-Fi network to send confidential information without a VPN, which directly led to the data breach. The other options do not apply: social engineering refers to manipulation tactics to gain information, insider threat implies malicious intent from an employee which isn't clear in this scenario, and a zero-day attack involves exploiting unpatched software vulnerabilities, which is not relevant here.