KT-EMS Malicious attachments

Email filter quarantined a PDF with embedded JavaScript. Why is this noteworthy?

Multiple choice — select one answer

Answer choices

  1. a. JavaScript in PDF only affects printers, without security or identity team coordination per policy.
  2. b. PDFs can launch actions or download second-stage payloads when opened in vulnerable readers
  3. c. Quarantine means the file is guaranteed safe, without security or identity team coordination per policy.
  4. d. PDFs cannot contain active content, without security or identity team coordination per policy.

Architectural breakdown & explanation

Malicious PDF features are a documented attachment risk; quarantine is appropriate.

Correct answer(s): b. PDFs can launch actions or download second-stage payloads when opened in vulnerable readers

Exam domain: Malicious attachments (25% weight on the official guide).

Official documentation & study links

Practice this certification

This page is one question from the KeyTrain's Key Training — Email Security bank. Run a full timed practice exam with domain-weighted random questions in your browser.