Certified Information Systems Auditor (CISA) — Question 1205

Which of the following user actions poses the GREATEST risk for inadvertently introducing malware into a local network?

Answer options

• A. Downloading a file from an enterprise file share
• B. Viewing a hypertext markup language (HTML) document
• C. Uploading a file onto an internal server
• D. Opening an email attachment from an external account

Correct answer: D

Explanation

Opening an email attachment from an external account is particularly risky because these attachments can easily contain malicious software that could infect the local network. In contrast, downloading from an enterprise file share, viewing HTML documents, or uploading files to an internal server typically involve more controlled and secure environments, reducing the risk of malware introduction.