Email Monitoring Flashcards

1
Q

Unsolicited and unwanted junk email sent out in bulk to an indiscriminate
recipient list

A

Spam

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

The fraudulent practice of sending emails purporting to be from reputable
companies in order to induce individuals to reveal personal information, such as
passwords and credit card numbers

A

Phishing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

A form of social engineering in which an individual lies and provides a false motive
to obtain privileged data

A

Pretext

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

An email spoofing attack targeting a specific organization or individual by seeking
unauthorized access to sensitive information

A

Spear Phishing

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

An attack in which an adversary successfully assumes the
identity of one of the legitimate parties in a system or in a
communications protocol

A

Impersonation

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

An impersonation attack in which the attacker gains control of an employee’s
account and uses it to convince other employees to perform fraudulent actions

A

Business Email Compromise (BEC)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

A record of the email servers involved in transferring an email message from a
sender to a recipient

A

Email Header Analysis

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

An attacker must also craft some sort of payload to complete the exploit when a victim
opens a message

A

Email Content Analysis

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

Allows a body of an email to support different formats, such as HTML, rich text
format (RTF), binary data encoded as Base64 ASCII characters, and attachments

A

Multipurpose Internet Mail Extensions (MIME)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

An exploit or attachment that contains some sort of malicious code implemented
within the message body

A

Malicious Payload

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

Message data contains scripts or objects that target some vulnerability
in the mail client

A

Exploit

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

Message contains a file attachment in the hope that the user will
execute or open it

A

Attachment

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

A link can be composed of a friendly string plus the URL or a shortened URL to
hide the identity of the real target

A

Embedded Link

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Spoofing attacks can be mitigated by configuring authentication for email server systems

A

Email Server Security

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
15
Q

DNS record identifying hosts authorized to send mail for the domain with only
one being allowed per domain

A

Sender Policy Framework (SPF)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
16
Q

Provides a cryptographic authentication mechanism for mail utilizing a public key
published as a DNS record

A

DomainKeys Identified Mail (DKIM)

17
Q

A framework for ensuring proper application of SPF and DKIM utilizing a policy
published as a DNS record
DMARC can use either SPF or DKIM or both

A

Domain-Based Message Authentication, Reporting, and Conformance (DMARC)

18
Q

A Domain Name System (DNS) domain that looks similar to another name when
rendered by a Mail User Agent (MUA)

A

Cousin Domains

19
Q

SMTP logs are typically formatted in request/response fashion
o Time of request/response
o Address of recipient
o Size of message
o Status code

A

SMTP Log Analysis

20
Q

An email encryption standard that adds digital signatures and public key
cryptography to traditional MIME communications

A

Secure/Multipurpose Internet Mail Extensions (S/MIME)