ExamTopics Logo
Mail Us[email protected]
Menu
Comptia Discussions
exam questions

Exam CS0-002 All Questions

View all questions & answers for the CS0-002 exam
Go to Exam

Exam CS0-002 topic 1 question 244 discussion

Actual exam question from CompTIA's CS0-002
Question #: 244
Topic #: 1
[All CS0-002 Questions]

A security analyst is reviewing existing email protection mechanisms to generate a report. The analysis finds the following DNS records:


Record 1 -
v=spf1 ip4:192:168.0.0/16 include:_spf.marketing.com include: thirdpartyprovider.com ~all


Record 2 -
“v=DKIM1\ k=rsa\; p=MIGfMA0GCSqh7d8hyh78Gdg87gd98hag86ga98dhay8gd7ashdca7yg79auhudig7df9ah8g76ag98dhay87ga9”


Record 3 -
_dmarc.comptia.com TXT v=DMARC1\; p=reject\; pct=100; rua=mailto:[email protected]

Which of the following options provides accurate information to be included in the report?

  • A. Record 3 serves as a reference of the security features configured at Record 1 and 2.
  • B. Record 1 is used as a blocklist mechanism to filter unauthorized senders.
  • C. Record 2 is used as a key to encrypt all outbound messages sent.
  • D. The three records contain private information that should not be disclosed.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by chiquito at Dec. 10, 2022, 7:15 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
jleonard_ddc
Highly Voted 2 years, 1 month ago
Selected Answer: A
The DMARC record is what tells us to do with messages that don’t properly align to SPF / DKIM. WRONG ANSWERS • B – this SPF record, as configured, is a softfail. That means it functions as less of a blocklist and more as a quarantine list. • C – the DKIM key is used to sign, not encrypt, outbound messages. • D – all 3 records must be in public DNS or e-mail servers outside the organization would be unable to reference them and use them.
upvoted 8 times
2Fish
2 years, 1 month ago
Agree. I think the softfail on B says it all. It should be -all if we are trying to hard fail on requests. the ~all will allow the mail but treat it with suspicion.
upvoted 1 times
...
...
Rickhrd
Most Recent 1 year, 9 months ago
Selected Answer: A
It’s A Look at the wiki for dkim
upvoted 1 times
...
Cookieman
2 years, 1 month ago
~all means mark as suspicious, not block, so B is incorrect
upvoted 1 times
...
knister
2 years, 2 months ago
Selected Answer: A
The answer A is the correct one, I am with encxorblood on this one. This is set a soft fail and will not reject an email that does not pass the SPF checkup.
upvoted 1 times
...
encxorblood
2 years, 2 months ago
Selected Answer: A
Option A provides accurate information to be included in the report. Record 1 specifies the SPF (Sender Policy Framework) record, which lists authorized IP addresses and domains that are allowed to send email on behalf of the organization. It includes two other domains (_spf.marketing.com and thirdpartyprovider.com) as authorized senders, and sets the default policy to soft fail (~all), which means that emails that fail SPF checks may still be accepted, but may be marked as suspicious.
upvoted 2 times
...
CatoFong
2 years, 3 months ago
Selected Answer: B
Correct answer is B
upvoted 1 times
...
wannabehacker
2 years, 3 months ago
which is the safer answer, the one the site says it is, or the most voted?
upvoted 1 times
...
chiquito
2 years, 3 months ago
Sorry! previous comment
upvoted 1 times
...
chiquito
2 years, 3 months ago
I withdraw my preview comment. Correct answer is B:
upvoted 1 times
...
marc4354345
2 years, 4 months ago
Selected Answer: B
B: SPF is used to declare authorized senders. C is wrong because it's the public key hence it is used for de-cryption, not encryption.
upvoted 3 times
bob12356
2 years, 4 months ago
Agreed B
upvoted 2 times
...
2Fish
2 years, 1 month ago
From my understanding the DKIM record is for digitally signing messages not encryption. DKIM provides a degree of assurance that the email is authentic, it does not provide end-to-end encryption of the email message content. If end-to-end encryption is required, other methods such as S/MIME or PGP can be used.
upvoted 1 times
...
...
chiquito
2 years, 4 months ago
Correct Answer C: What private information is contained in the three records to make D: the correct answer? https://cipher.com/blog/phishing-protection-spf-dkim-dmarc/
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago