Which of the following would be BEST for the analyst to configure to achieve this objective?

A security analyst is researching ways to improve the security of a company’s email system to mitigate emails that are impersonating company executives.

Which of the following would be BEST for the analyst to configure to achieve this objective?
A . A TXT record on the name server for SPF
B . DNSSEC keys to secure replication
C . Domain Keys identified Man
D . A sandbox to check incoming mad

View Answer

Answer: C

Explanation:

Domain Keys Identified Mail (DKIM) is an email authentication method that uses a digital signature to let the receiver of an email know that the message was sent and authorized by the owner of a domain1 DKIM helps prevent phishing emails that spoof or impersonate other domains by verifying the identity and integrity of the sender. DKIM works by adding a DKIM signature header to each outgoing email message, which contains a hash value of selected parts of the message and the domain name of the sender. The sender’s domain also publishes a public key in its DNS records, which can be used by the receiver to decrypt the DKIM signature and compare it with its own hash value of the message. If they match, it means that the message was not altered in transit and that it came from the claimed domain.

Reference: 1 What Is DKIM? – How It Works, Definition & More | Proofpoint US