nerdexam
EC-Council

312-50V11 · Question #791

CompanyXYZ has asked you to assess the security of their perimeter email gateway. From your office in New York, you craft a specially formatted email message and send it across the Internet to an empl

The correct answer is D. Email Spoofing. Sending an email with a forged internal 'From' address from an external source proves the email gateway fails to prevent email spoofing.

Social Engineering

Question

CompanyXYZ has asked you to assess the security of their perimeter email gateway. From your office in New York, you craft a specially formatted email message and send it across the Internet to an employee of CompanyXYZ. The employee of CompanyXYZ is aware of your test. Your email message looks like this:

From: [email protected] To: [email protected] Subject: Test message Date: 4/3/2017 14:37 The employee of CompanyXYZ receives your email message. This proves that CompanyXYZ's email gateway doesn't prevent what?

Options

  • AEmail Masquerading
  • BEmail Harvesting
  • CEmail Phishing
  • DEmail Spoofing

How the community answered

(38 responses)
  • A
    16% (6)
  • B
    3% (1)
  • C
    11% (4)
  • D
    71% (27)

Why each option

Sending an email with a forged internal 'From' address from an external source proves the email gateway fails to prevent email spoofing.

AEmail Masquerading

Email masquerading broadly describes impersonating a user or entity, but the specific technical failure shown here - forging the SMTP From header - is precisely and technically defined as email spoofing.

BEmail Harvesting

Email harvesting is the automated collection of email addresses from websites or public sources and is entirely unrelated to forging message headers.

CEmail Phishing

Email phishing is a social engineering attack using deceptive messages to steal credentials or trick users into clicking malicious links, and is not the same as the protocol-level header forgery demonstrated in this test.

DEmail SpoofingCorrect

Email spoofing is the specific technique of forging the SMTP 'From' header so a message appears to originate from a trusted or internal address when it actually comes from an external source. The test email used [email protected] as the From address despite being sent from outside the organization, which is the textbook definition of spoofing the sender identity at the protocol level. A properly configured gateway using SPF, DKIM, or DMARC would detect and reject externally originating mail claiming to be from the organization's own domain.

Concept tested: Email spoofing and sender address forgery prevention

Source: https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/anti-phishing-protection-spoofing-about

Topics

#email spoofing#email gateway#email security#sender forgery

Community Discussion

No community discussion yet for this question.

Full 312-50V11 Practice