CompTIA Security+ (SY0-701) — Question 532

While updating the security awareness training, a security analyst wants to address issues created if vendors' email accounts are compromised. Which of the following recommendations should the security analyst include in the training?

Answer options

• A. Refrain from clicking on images included in emails from new vendors
• B. Delete emails from unknown service provider partners.
• C. Require that invoices be sent as attachments
• D. Be alert to unexpected requests from familiar email addresses

Correct answer: D

Explanation

The correct answer, D, emphasizes the need to be vigilant about unexpected requests, even from recognized contacts, as these could indicate a compromised account. Options A and B do not effectively address the risks associated with vendor email compromises, and option C could create unnecessary barriers for legitimate communications.