During an incident involving phishing, a security analyst needs to find the source of the malicious email. Which of the following techniques would provide the analyst with this information?
Correct. Email headers contain valuable information about the email's origin, route, and servers involved in its transmission. By examining the email headers, an analyst can trace back the source IP address and potentially identify the sender's location or originating mail server. (The Official CompTIA CySA+ Student Guide Exam)
A) header analysis
Sybex Study Guide:
// Analyzing Email //
Most organizations use automated email analysis as a first line of defense against malicious and spam emails. Automated tools look for indicators like known malicious or spam senders, often using block lists built using information from around the world. They also scan every email looking for malicious payloads like malware or other unwanted files.
The same tools often perform header analysis and message content analysis. Header analysis looks at the content of the email’s header.
upvoted 3 times
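As an added illustration of the header analysis discussed in the comments above (not part of the original thread or the cited study guides), this Python sketch walks the `Received` chain of a message oldest-first and pulls out the peer IP each server logged, plus the SPF result and a From/Return-Path domain comparison. The sample message, its addresses and the function names are constructed for the example.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from ipaddress import ip_address, ip_network

# Constructed sample message (documentation IP ranges, example domains).
RAW = """\
Received: from mx.corp.example (mx.corp.example [10.0.0.5])
\tby mailstore.corp.example with ESMTP id A1; Tue, 02 Jan 2024 10:00:05 +0000
Received: from relay.mail.example (relay.mail.example [198.51.100.7])
\tby mx.corp.example with ESMTPS id B2; Tue, 02 Jan 2024 10:00:03 +0000
Received: from [192.168.1.23] (unknown [203.0.113.45])
\tby relay.mail.example with ESMTPSA id C3; Tue, 02 Jan 2024 10:00:01 +0000
Authentication-Results: mx.corp.example; spf=fail smtp.mailfrom=bank.example
From: "Support" <support@bank.example>
Return-Path: <bounce@mailer.example>
Subject: Action required

body
"""

RFC1918 = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# Peer address as logged by the receiving server: "(name [ip])".
# The HELO literal outside the parentheses is sender-supplied and ignored.
PEER = re.compile(r"\([^()]*\[([0-9A-Fa-f:.]+)\]\)")
BY = re.compile(r"\bby\s+(\S+)")

def trace_hops(raw):
    """Return (peer_ip, receiving_host) for each hop, oldest first."""
    msg = message_from_string(raw)
    hops = []
    # Every server prepends its own Received line, so reverse for time order.
    for line in reversed(msg.get_all("Received", [])):
        peer, by = PEER.search(line), BY.search(line)
        hops.append((peer.group(1) if peer else None, by.group(1) if by else None))
    return hops

def summarize(raw):
    msg = message_from_string(raw)
    # Earliest non-RFC1918 peer. Lines added before your own gateway can be
    # forged by the sender, so treat this as a lead to corroborate in logs.
    origin = next((ip for ip, _ in trace_hops(raw)
                   if ip and not any(ip_address(ip) in n for n in RFC1918)), None)
    dom = lambda h: parseaddr(msg.get(h, ""))[1].rpartition("@")[2].lower()
    spf = re.search(r"\bspf=(\w+)", msg.get("Authentication-Results", ""))
    return {"origin_ip": origin, "from_domain": dom("From"),
            "return_path_domain": dom("Return-Path"),
            "envelope_mismatch": dom("From") != dom("Return-Path"),
            "spf": spf.group(1) if spf else None}
```
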
kmordalv
Highly Voted 6 months, 2 weeks ago[Removed]
Most Recent 5 months, 1 week ago