10.9.8 Practice Questions Flashcards
Question 1.
You have been receiving a lot of phishing emails sent from the domain kenyan.msn.pl. Links within these emails open new browser windows at youneedit.com.pl.
You want to make sure that these emails never reach your inbox, but you also want to make sure that emails from other senders are not affected.
What should you do?
answer
Add msn.pl to the email blacklist.
Add pl to the email blacklist.
Add kenyan.msn.pl to the email blacklist.
Add youneedit.com.pl to the email blacklist.
Correct Answer:
Add kenyan.msn.pl to the email blacklist.
Question 2.
A cyber technician is enhancing application security capabilities for corporate email accounts following a breach.
Which of the following leverages encryption features to enable email verification by allowing the sender to sign emails using a digital signature?
answer
Sender policy framework (SPF)
Domain-based Message Authentication, Reporting and Conformance
DomainKeys Identified Mail (DKIM)
Endpoint detection and response (EDR)
Correct Answer:
DomainKeys Identified Mail (DKIM)
Question 3.
A technician is modifying controls to increase securities on messaging services.
Which of the following options check to define rules for handling messages, such as moving messages to quarantine or spam, rejecting them outright, or tagging the message?
answer
Sender policy framework (SPF)
Endpoint detection and response (EDR)
DomainKeys Identified Mail (DKIM)
Domain-based Message Authentication, Reporting and Conformance (DMARC)
Correct Answer:
Domain-based Message Authentication, Reporting and Conformance (DMARC)
Question 4.
You install a new Linux distribution on a server in your network. The distribution includes a Simple Mail Transfer Protocol (SMTP) daemon that is enabled by default when the system boots. The SMTP daemon does not require authentication to send email messages.
Which type of email attack is this server susceptible to?
answer
Sniffing
Open SMTP relay
Viruses
Phishing
Correct Answer:
Open SMTP relay
Question 5.
Users in your organization receive email messages informing them that suspicious activity has been detected on their bank accounts. They are directed to click a link in the email to verify their online banking username and password. The URL in the link is in the .ru top-level DNS domain.
Which kind of attack has occurred?
answer
Virus
Phishing
Open SMTP relay
Buffer overflow
Correct Answer:
Phishing
Question 6.
Which of the following BEST describes phishing?
answer
Malware that often uses email as its distribution mechanism.
An email server that accepts mail and forwards it to other mail servers.
A fraudulent email that claims to be from a trusted organization.
Unwanted and unsolicited email sent to many recipients.
Correct Answer:
A fraudulent email that claims to be from a trusted organization.
Question 7.
Which of the following mechanisms can you use to add encryption to email? (Select two.)
answer
Reverse DNS
HTTPSPGP
Secure Shell
S/MIME
Correct Answer:
PGP
Correct Answer:
S/MIME
Question 8.
Which type of malicious activity can be described as numerous unwanted and unsolicited email messages sent to a wide range of victims?
answer
Hijacking
Spamming
Trojan horse
Brute force
Correct Answer:
Spamming
Question 9.
An attacker sends an unwanted and unsolicited email message to multiple recipients with an attachment that contains malware.
Which kind of attack has occurred in this scenario?
answer
Repudiation attack
Phishing
Open SMTP relay
Spam
Correct Answer:
Spam
Question 10.
An organization is increasing security on corporate email exchanges after being a target in a whaling campaign.
Which of the following options is an email authentication method that helps detect and prevent sender address forgery?
answer
Correct Answer:
Sender Policy Framework (SPF)
Endpoint detection and response (EDR)
Domain-based Message Authentication, Reporting and Conformance (DMARC)
Incorrect answer:
DomainKeys Identified Mail (DKIM)
Correct Answer:
Sender Policy Framework (SPF)
