CompTIA Security+ (SY0-501) — Question 809

Employees receive a benefits enrollment email from the company's human resources department at the beginning of each year. Several users have reported receiving the email but are unable to log in to the website with their usernames and passwords. Users who enter the URL for the human resources website can log in without issue. Which of the following security issues is occurring?

Answer options

• A. Several users' computers were not configured to use HTTPS to access the website
• B. The human resources servers received a large number of requests, resulting in a DoS
• C. The internal DNS server was compromised, directing users to a hacker's server
• D. Users received a social engineering email and were directed to an external website

Correct answer: D

Explanation

The correct answer is D because users were likely misled by a social engineering attack, which directed them to a fraudulent site. Options A, B, and C do not accurately describe the situation, as the users can access the website directly, indicating that the problem is not related to HTTPS, server overload, or DNS issues.