CompTIA Cloud+ Practice Test

If suspicious emails containing phishing links are reported, what should the cloud administrator do?

• A. Forward the email to the systems team distribution list.
• B. Click on the URL link to verify the website.
• C. Change the encryption key for the organization and lock out all users.
• D. Notify users to reset their passwords regardless of email interaction.

The correct answer is: Change the encryption key for the organization and lock out all users.

While it's important for cloud administrators to enhance security in response to potential threats, changing the encryption key and locking out all users is an extreme and potentially disruptive measure that may not directly address the phishing threat. The correct approach involves ensuring that users are aware of the phishing emails and understand the potential risks. Options that promote awareness and protective actions are more appropriate. Notifying users to reset their passwords, for example, can be an effective way to protect any accounts that may have been compromised or targeted by the phishing attempt. This approach helps in reinforcing good security practices among users and mitigating risks related to unauthorized access, especially if they clicked on the links in the phishing emails. Verification of the phishing link by clicking on it can expose the administrator to risk rather than providing a security benefit. Forwarding the email to the systems team may help in resolving the matter but does not provide immediate protection to users. Thus, taking proactive steps to protect users, such as advising them to reset their passwords, is a more effective and responsible response to a reported phishing incident.