ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-002 All Questions

View all questions & answers for the CS0-002 exam
Go to Exam

Exam CS0-002 topic 1 question 81 discussion

Actual exam question from CompTIA's CS0-002
Question #: 81
Topic #: 1
[All CS0-002 Questions]

A security analyst is researching ways to improve the security of a company's email system to mitigate emails that are impersonating company executives. Which of the following would be BEST for the analyst to configure to achieve this objective?

  • A. A TXT record on the name server for SPF
  • B. DNSSEC keys to secure replication
  • C. Domain Keys Identified Mail
  • D. A sandbox to check incoming mail
Show Suggested Answer Hide Answer
Suggested Answer: C 🗳️
by Laudy at Sept. 7, 2022, 12:55 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
ThisGuyStillLearning
Highly Voted 2 years, 9 months ago
In a nutshell, SPF allows email senders to define which IP addresses are allowed to send mail for a particular domain. DKIM on the other hand, provides an encryption key and digital signature that verifies that an email message was not forged or altered.
upvoted 11 times
...
RobV
Most Recent 1 year, 6 months ago
Selected Answer: C
C. Domain Keys Identified Mail
upvoted 1 times
...
buchhe
1 year, 10 months ago
Selected Answer: C
DMARC (domain-based message authentication, reporting, and conformance) and DKIM (domain keys identified mail) are configurations that are performed on a DNS server to verify whether email being sent by a third-party is verified to send it on behalf of the organization.
upvoted 2 times
...
2Fish
2 years, 3 months ago
Selected Answer: C
C. If an attacker tries to impersonate an email address from a domain that has implemented DKIM, the digital signature will not match the public key in the DNS records, and the email will be flagged as suspicious or rejected by the recipient's email server.
upvoted 2 times
...
absabs
2 years, 4 months ago
If SPF record set correctly, everbody sends mail. first thing is DKIM, when about impersonating. SPF more related about whether mail sending
upvoted 3 times
...
TeyMe
2 years, 8 months ago
Selected Answer: A
Sender Policy Framework (SPF) uses a DNS record published by an organization hosting email service. The SPF record—there must be only one per domain—identifies the hosts authorized to send email from that domain. VS DomainKeys Identified Mail (DKIM) provides a cryptographic authentication mechanism. This can replace or supplement SPF.
upvoted 2 times
...
R00ted
2 years, 9 months ago
Selected Answer: C
C is the best answer
upvoted 3 times
...
amateurguy
2 years, 9 months ago
Selected Answer: C
C should be the correct answer
upvoted 1 times
...
Laudy
2 years, 10 months ago
definitely DKIM
upvoted 3 times
Laudy
2 years, 10 months ago
SPF lets you authorize senders that are allowed to send email on behalf of your domain. DKIM signs every outgoing message with your unique signature, so receiving servers can verify the message came from you. SPF and DKIM let receiving servers verify that messages that appear to be from your domain are legitimate.
upvoted 2 times
Laudy
2 years, 10 months ago
https://netcorecloud.com/tutorials/spf-dkim-dmarc/#:~:text=SPF%20DKIM%20and%20DMARC%20are,sending%20emails%20through%20your%20domain.
upvoted 1 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel