Email Flashcards

1
Q

Phishing and spear-phishing attacks have been occurring more frequently against a company’s staff. Which of the following would MOST likely help mitigate this issue?

A

A. DNSSEC and DMARC
B. DNS query logging
C. Exact mail exchanger records in the DNS
D. The addition of DNS conditional forwarders

DNSSEC and DMARC
- DNSSEC helps validate domain authenticity, preventing spoofed emails from trusted domains.
- DMARC aligns SPF and DKIM to block phishing emails spoofing sender addresses.
- Together they provide technical controls that prevent many phishing tactics at the domain level.

2
Q

A forensics investigator is examining a number of unauthorized payments that were reported on the company’s website. Some unusual log entries show users received an email for an unwanted mailing list and clicked on a link to attempt to unsubscribe. One of the users reported the email to the phishing team, and the forwarded email revealed the link to be:
<a> Click here to unsubscribe</a>
Which of the following will the forensics investigator MOST likely determine has occurred?
A. SQL injection
B. Broken authentication
C. XSS
D. XSRF

A

XSRF

A Cross-Site Request Forgery (XSRF) attack is a malicious tactic that attackers use to trick users into performing unintended actions on websites where they are authenticated. XSRF attacks don't rely on stealing login credentials. Instead, they exploit the fact that a user is already authenticated on a website, which makes the website trust the incoming request.
