312-50V13 · Question #76
CompanyXYZ has asked you to assess the security of their perimeter email gateway. From your office in New York, you craft a specially formatted email message and send it across the Internet to an empl
The correct answer is D. Email Spoofing. Email Spoofing Explained Option D (Email Spoofing) is correct because you sent an email from outside CompanyXYZ (from New York, across the Internet) but forged the "From" field to display an internal company address ([email protected]). The fact that the employee received
Question
Options
- AEmail Masquerading
- BEmail Harvesting
- CEmail Phishing
- DEmail Spoofing
How the community answered
(40 responses)- A3% (1)
- B3% (1)
- C5% (2)
- D90% (36)
Explanation
Email Spoofing Explained
Option D (Email Spoofing) is correct because you sent an email from outside CompanyXYZ (from New York, across the Internet) but forged the "From" field to display an internal company address ([email protected]). The fact that the employee received it proves the gateway failed to verify that the sender's actual origin matched the claimed "From" address - the textbook definition of email spoofing.
Why the distractors are wrong:
- A (Email Masquerading) is closely related but refers more broadly to impersonating a person or system; spoofing is the specific technical mechanism demonstrated here.
- B (Email Harvesting) involves collecting email addresses from targets - no harvesting occurred in this scenario.
- C (Email Phishing) is a social engineering attack using deceptive emails to trick users; while spoofing can be a tool within phishing, the scenario is specifically testing gateway filtering, not user deception.
Memory Tip: Think of spoofing like forging a return address on a physical letter - the envelope says it came from inside the building, but it actually arrived from the street. If the mailroom (gateway) doesn't check the postmark, spoofing succeeds!
Topics
Community Discussion
No community discussion yet for this question.