CompTIA Security Exam Practice Questions Sample SY0 501 Q64

A user clicked an email link that led to a website than infected the workstation with a virus. The virus encrypted all the network shares to which the user had access. The virus was not deleted or blocked by the company’s email filter, website filter, or antivirus. Which of the following describes what occurred?

A. The user’s account was over-privileged.
B. Improper error handling triggered a false negative in all three controls.
C. The email originated from a private email server with no malware protection.
D. The virus was a zero-day attack.

Correct Answer: D

The answer here was A, but I corrected it to D.