312-50V11 · Question #791
CompanyXYZ has asked you to assess the security of their perimeter email gateway. From your office in New York, you craft a specially formatted email message and send it across the Internet to an empl
The correct answer is D. Email Spoofing. Sending an email with a forged internal 'From' address from an external source proves the email gateway fails to prevent email spoofing.
Question
CompanyXYZ has asked you to assess the security of their perimeter email gateway. From your office in New York, you craft a specially formatted email message and send it across the Internet to an employee of CompanyXYZ. The employee of CompanyXYZ is aware of your test. Your email message looks like this:
From: [email protected] To: [email protected] Subject: Test message Date: 4/3/2017 14:37 The employee of CompanyXYZ receives your email message. This proves that CompanyXYZ's email gateway doesn't prevent what?
Options
- AEmail Masquerading
- BEmail Harvesting
- CEmail Phishing
- DEmail Spoofing
How the community answered
(38 responses)- A16% (6)
- B3% (1)
- C11% (4)
- D71% (27)
Why each option
Sending an email with a forged internal 'From' address from an external source proves the email gateway fails to prevent email spoofing.
Email masquerading broadly describes impersonating a user or entity, but the specific technical failure shown here - forging the SMTP From header - is precisely and technically defined as email spoofing.
Email harvesting is the automated collection of email addresses from websites or public sources and is entirely unrelated to forging message headers.
Email phishing is a social engineering attack using deceptive messages to steal credentials or trick users into clicking malicious links, and is not the same as the protocol-level header forgery demonstrated in this test.
Email spoofing is the specific technique of forging the SMTP 'From' header so a message appears to originate from a trusted or internal address when it actually comes from an external source. The test email used [email protected] as the From address despite being sent from outside the organization, which is the textbook definition of spoofing the sender identity at the protocol level. A properly configured gateway using SPF, DKIM, or DMARC would detect and reject externally originating mail claiming to be from the organization's own domain.
Concept tested: Email spoofing and sender address forgery prevention
Source: https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/anti-phishing-protection-spoofing-about
Topics
Community Discussion
No community discussion yet for this question.