Exam CS0-002 topic 1 question 317 discussion

Actual exam question from CompTIA's CS0-002
Question #: 317
Topic #: 1

A security analyst is reviewing a suspected phishing campaign that has targeted an organization. The organization has enabled a few email security technologies in the last year; however, the analyst believes the security features are not working. The analyst runs the following command:

> dig domain._domainkey.comptia.org TXT

Which of the following email protection technologies is the analyst MOST likely validating?

  • A. SPF
  • B. DNSSEC
  • C. DMARC
  • D. DKIM
Suggested Answer: D

Comments

gnnggnnggnng
Highly Voted 2 years, 5 months ago
Selected Answer: D
The analyst is validating the presence of a DomainKeys Identified Mail (DKIM) record in the domain's DNS (Domain Name System) using the dig command. The DKIM record is stored in the TXT resource record under the "_domainkey" subdomain for the specified domain. The analyst is verifying the presence of the DKIM record to ensure that the email security feature is functioning properly and the organization is protected against phishing attacks. The DKIM record is used to verify the authenticity of emails by ensuring that the message was not altered during transit and that it was actually sent by the domain specified in the "From" header.
upvoted 14 times
2Fish
2 years, 3 months ago
Agreed. In this case, Dig is being used to retrieve the TXT record associated with the DKIM selector for the domain "comptia.org". The result should return any TXT records that are associated with the DKIM selector for the domain, which can then be used to verify the authenticity of email messages sent from that domain.
upvoted 1 times
Skywalker89
Most Recent 1 year, 7 months ago
Selected Answer: B
Answer is b https://www.cyberciti.biz/faq/unix-linux-test-and-validate-dnssec-using-dig-command-line/
upvoted 1 times
karpal
2 years ago
Selected Answer: C
They mention: "a few email security technologies in the last year:" SPF, DMARC and DKIM are all TXT DNS records and are all email security methods. DMARC is an email authentication method built on top of DKIM and SPF. I will go with DMARC on this one. A sender policy framework (SPF) record is a type of DNS TXT record that lists all the servers authorized to send emails from a particular domain. A DKIM record is really a DNS TXT ("text") record containing the public key of the sender. DMARC is an email authentication method built on top of DKIM and SPF. DMARC describes what to do with an email that fails SPF and DKIM. Together, SPF, DKIM, and DMARC help prevent email spam and email spoofing. Like DKIM records, DMARC policies are stored as DNS TXT records. A DMARC record stores a domain's DMARC policy. DMARC records are stored in the Domain Name System (DNS) as DNS TXT records. References: https://www.cloudflare.com/learning/dns/dns-records/dns-dkim-record/
upvoted 1 times
rokerman
2 years, 3 months ago
Selected Answer: D
The DKIM selector was used.
upvoted 1 times
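
The comments above point out that SPF, DKIM and DMARC are all published as TXT records. The following added example (not part of the original thread) tells them apart by query name and record content, the way an analyst would read the `dig` answer. The record values are constructed samples, not real DNS answers, and `parse_tags` and `classify` are hypothetical helper names.

```python
import base64
import binascii

# Constructed sample answers (not real DNS data); the first name is the one queried in the question.
DKIM_KEY = base64.b64encode(b"constructed placeholder, not a real key").decode()
SAMPLES = [
    ("domain._domainkey.comptia.org", "v=DKIM1; k=rsa; p=" + DKIM_KEY),
    ("_dmarc.example.org", "v=DMARC1; p=none; rua=mailto:dmarc@example.org"),
    ("example.org", "v=spf1 include:_spf.example.org ~all"),
]

def parse_tags(txt):
    """Split a 'tag=value; tag=value' record (DKIM and DMARC syntax) into a dict."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = "".join(value.split())  # drop folding whitespace
    return tags

def classify(qname, txt):
    """Return (technology, findings) for one TXT answer returned for qname."""
    labels = qname.rstrip(".").lower().split(".")
    tags, findings = parse_tags(txt), []
    if "_domainkey" in labels[1:]:                 # <selector>._domainkey.<domain>
        findings.append("selector=" + ".".join(labels[:labels.index("_domainkey", 1)]))
        key = tags.get("p")
        if not key:                                # receivers cannot verify signatures
            findings.append("empty p=: key revoked" if key == "" else "no p= tag")
        else:
            try:
                base64.b64decode(key, validate=True)
            except binascii.Error:
                findings.append("p= is not valid base64")
        return "DKIM", findings
    if labels[0] == "_dmarc":                      # _dmarc.<domain>
        policy = tags.get("p", "").lower()
        if tags.get("v") != "DMARC1" or policy not in ("none", "quarantine", "reject"):
            findings.append("missing v=DMARC1 or invalid p=")
        elif policy == "none":
            findings.append("p=none: monitoring only, failures are not blocked")
        return "DMARC", findings
    if txt.lower().startswith("v=spf1"):           # published at the domain name itself
        alls = [t for t in txt.lower().split() if t.lstrip("+-~?") == "all"]
        if alls != ["-all"]:
            findings.append("no hard-fail -all: unauthorized senders are not rejected")
        return "SPF", findings
    return "unknown", findings
```

Calling `classify` on each pair in `SAMPLES` shows why the `_domainkey` label in the queried name points to DKIM, and which record contents would explain a control that appears not to be working.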