ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam SY0-501 All Questions

View all questions & answers for the SY0-501 exam
Go to Exam

Exam SY0-501 topic 1 question 368 discussion

Actual exam question from CompTIA's SY0-501
Question #: 368
Topic #: 1
[All SY0-501 Questions]

Security administrators attempted corrective action after a phishing attack. Users are still experiencing trouble logging in, as well as an increase in account lockouts. Users' email contacts are complaining of an increase in spam and social networking requests. Due to the large number of affected accounts, remediation must be accomplished quickly.
Which of the following actions should be taken FIRST? (Choose two.)

  • A. Disable the compromised accounts
  • B. Update WAF rules to block social networks
  • C. Remove the compromised accounts with all AD groups
  • D. Change the compromised accounts' passwords
  • E. Disable the open relay on the email server
  • F. Enable sender policy framework
Show Suggested Answer Hide Answer
Suggested Answer: EF 🗳️
Sender Policy Framework (SPF) is a simple email-validation system designed to detect email spoofing by providing a mechanism to allow receiving mail exchangers to check that incoming mail from a domain comes from a host authorized by that domain's administrators. n a Small Business Server environment, you may have to prevent your Microsoft Exchange Server-based server from being used as an open relay SMTP server for unsolicited commercial e-mail messages, or spam.
You may also have to clean up the Exchange server's SMTP queues to delete the unsolicited commercial e- mail messages.
If your Exchange server is being used as an open SMTP relay, you may experience one or more of the following symptoms:
The Exchange server cannot deliver outbound SMTP mail to a growing list of e-mail domains.
Internet browsing is slow from the server and from local area network (LAN) clients.
Free disk space on the Exchange server in the location of the Exchange information store databases or the Exchange information store transaction logs is reduced more rapidly than you expect.
The Microsoft Exchange information store databases spontaneously dismount. You may be able to manually mount the stores by using Exchange System
Manager, but the stores may dismount on their own after they run for a short time. For more information, click the following article number to view the article in the
Microsoft Knowledge Base.
by Brjy at June 1, 2021, 3:45 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
jeff420
4 years ago
is this a network+ question because sender policy framework is not in the security+ exam objectives?
upvoted 1 times
...
Brjy
4 years, 1 month ago
first time i read about this ''Sender Policy Framework''!!
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel