Free CompTIA CySA+ CS0-003 Practice Question

Following a data breach at a financial corporation, the cybersecurity team is conducting a review to determine the attacker's initial access method. Initial findings reveal the compromise of an internal email account two weeks before the unauthorized data extraction occurred. Further investigation highlights that the compromised account received a suspicious email, which preceded signs of abnormal access patterns. To enhance preventative strategies, what should be targeted as the MOST likely root cause enabling the subsequent breach?

  • The deficiency in the intrusion detection system that did not alert on the abnormal access patterns

  • The data extraction from the compromised system

  • The phishing attack that targeted the internal email system

  • The later identified abnormal access patterns linked to the event

This question's topic:
CompTIA CySA+ CS0-003 / 
Incident Response and Management
Your Score:

Check or uncheck an objective to set which questions you will receive.