An employee reports a suspicious email that appears to be from the help desk. Which two details are the strongest signs of phishing? Select two.

The email signature includes the company logo and a professional font.

Professional formatting can be copied easily and does not prove that the sender is legitimate.

The message was delivered during normal business hours.

Timing alone is not a reliable indicator of phishing because attackers can send messages at any time.

The subject line includes the employee's department name.

Personalized subjects can still be spoofed and are not enough by themselves to confirm malicious intent.

What does this SY0-701 question test?

Static NAT maps one inside address to one outside address.

What is the correct answer to this question?

The correct answer is: The message creates urgency and threatens account suspension within 15 minutes. — The strongest phishing indicators are urgency and a look-alike sender domain. Attackers often pressure users with threats or deadlines to bypass careful thinking, and they commonly imitate trusted organizations using slight domain variations. These clues are more reliable than formatting or generic personalization because they reflect attacker behavior and impersonation techniques rather than normal business communication patterns. Why others are wrong: A company logo, business-hour delivery, or a subject line using a department name can all appear in legitimate messages. Those traits may be present in phishing too, but they are not strong indicators on their own. They are too easy to copy and do not prove that the message is malicious. The best signs are the tactics that reveal impersonation or social pressure.

What should I do if I get this SY0-701 question wrong?

Then try more questions from the same exam bank and focus on understanding why the wrong options are tempting.