Ace the SAI MIT Exam 2026 – Become a Member-in-Training Marvel!

Session length

1 / 20

Which statement best describes a phishing attack and a common mitigation?

A legitimate marketing email to collect opinions.

A malware that encrypts files.

An internal audit procedure.

A scam to obtain sensitive information via impersonation; mitigate by training, email filtering, multi-factor authentication, and URL checking.

Phishing relies on social engineering, where a scammer impersonates a trusted entity to trick you into revealing credentials or other sensitive information, often through fake emails or websites. The best mitigation combines people and technology: training helps you recognize suspicious requests and verify who’s contacting you; email filtering reduces the number of phishing messages that reach your inbox; multi-factor authentication makes it much harder for an attacker to use stolen credentials; and checking URLs or visiting sites only after verification prevents handing data to illegitimate sites. This approach addresses both the way phishing operates and how to limit its impact. The other options describe different concepts—a legitimate marketing email, ransomware, or an internal audit procedure—so they don’t fit the scenario.

Next Question
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy