312-50V13 Question #76: Real Exam Question with Answer & Explanation

Question

CompanyXYZ has asked you to assess the security of their perimeter email gateway. From your office in New York, you craft a specially formatted email message and send it across the Internet to an employee of CompanyXYZ. The employee of CompanyXYZ is aware of your test. Your email message looks like this: From: [email protected] To: [email protected] Subject: Test message Date: 4/3/2017 14:37 The employee of CompanyXYZ receives your email message. This proves that CompanyXYZ's email gateway doesn't prevent what?

Options

• AEmail Masquerading
• BEmail Harvesting
• CEmail Phishing
• DEmail Spoofing

Explanation

Email Spoofing Explained

Option D (Email Spoofing) is correct because you sent an email from outside CompanyXYZ (from New York, across the Internet) but forged the "From" field to display an internal company address ([email protected]). The fact that the employee received it proves the gateway failed to verify that the sender's actual origin matched the claimed "From" address - the textbook definition of email spoofing.

Why the distractors are wrong:

• A (Email Masquerading) is closely related but refers more broadly to impersonating a person or system; spoofing is the specific technical mechanism demonstrated here.
• B (Email Harvesting) involves collecting email addresses from targets - no harvesting occurred in this scenario.
• C (Email Phishing) is a social engineering attack using deceptive emails to trick users; while spoofing can be a tool within phishing, the scenario is specifically testing gateway filtering, not user deception.

Memory Tip: Think of spoofing like forging a return address on a physical letter - the envelope says it came from inside the building, but it actually arrived from the street. If the mailroom (gateway) doesn't check the postmark, spoofing succeeds! 📧

No community discussion yet for this question.