Q: 5
[Introduction to Incident Handling and Response]
Which of the following is the BEST method to prevent email incidents?
Options
Discussion
Its D. Technical controls like B (disabling HTML) help, but attackers always find new tricks. End-user training actually changes behavior so people spot phishing or suspicious links before damage happens. EC-Council usually wants the control that reduces human error, not just technical exposure. Pretty sure D is what they'd expect unless it said 'only technical'. Agree?
B, not D
Probably B for this one. Disabling HTML in email fields stops a lot of script-based attacks and makes phishing attempts look less convincing. Not sure if it's the best, but seems like a strong technical control here.
Had something like this in a mock, I chose B
Cameron, I don’t think it’s B. D is what EC-Council expects since user error drives most incidents, not just HTML exploits.
D or B, but D makes more sense since a lot of incidents start with users clicking bad links. Even if you disable HTML, social engineering still gets through. Pretty sure EC-Council wants D here unless they're asking technical only. Agree?
D tbh. B is tempting technically, but 'best' on the exam usually points to training since most incidents are human error. Some folks pick B as a trap option, seen similar logic on practice sets.
B , because disabling HTML blocks a bunch of malicious scripts and makes phishing harder. It’s a common technical trap answer on these. Maybe not the most holistic, but seems safest to me here.
Be respectful. No spam.
