CompTIA Security+ (SY0-701) — Question 582

An unexpected and out-of-character email message from a Chief Executive Officer's corporate account asked an employee to provide financial information and to change the recipient's contact number. Which of the following attack vectors is most likely being used?

Answer options

• A. Business email compromise
• B. Phishing
• C. Brand impersonation
• D. Pretexting

Correct answer: A

Explanation

The correct answer is A, Business email compromise, as this scenario involves an attacker impersonating the CEO to manipulate an employee into providing sensitive information. Option B, phishing, generally refers to broader attempts to deceive users into revealing information, while C, brand impersonation, focuses on mimicking a company brand rather than a specific person. D, pretexting, involves creating a fabricated scenario to obtain information, but does not specifically describe the impersonation of a high-ranking individual as seen here.