(3) Attacks On E-mail And E-mail Security Tools Flashcards

1
Q

What are the most common e-mail attacks?

A

The most common e-mail attacks are phishing, impersonation, and malicious attachments

2
Q

What are the goals of e-mails that use impersonation and inclusion of malicious attachments?

A

Impersonation attacks are all about obtaining credentials or other information through trickery

3
Q

What do impersonation e-mails often include?

A

Impersonation e-mails often include the appearance of being from a trusted person or supervisor. The recipient is usually asked to do something like provide banking info or do something that benefits the attacker

4
Q

How is malware spread via e-mail?

A

Malware is spread through attachments or links for download

5
Q

When it comes to e-mail security, what is DomainKeys Identified Mail (DKIM)?

A

DKIM lets organizations add content to messages to help identify them as being actually from their domain.

It signs the body of the message and elements of the header, making sure that the message is from the sender.

A DKIM signature header is added to the e-mail, which can be verified through the public key that is stored in public DNS entries for DKIM-enabled orgs.

6
Q

What is Sender Policy Framework (SPF)?

A

SPF is an authentication technique that lets orgs publish a list of authorized e-mail servers.

SPF records get added to the DNS information for that particular domain, and it specifies which systems can and cannot send e-mail from that domain.

If a system is not listed in the SPF it will be rejected

7
Q

What are SPF records in DNS limited to?

A

SPF records in DNS are limited to 255 characters, so it can be tricky if an org has a lot of e-mail servers or works with a lot of external senders.

8
Q

What is Domain-Based Message Authentication, Reporting, and Conformance (DMARC)?

A

DMARC is a protocol that uses SPF and DKIM to figure out if an e-mail is legit.

DMARC is published in DNS but can be used to figure out if a message should be accepted from a sender.

Messages that aren’t sent by a DMARC-supported sender can be rejected or quarantined.
