Customers are receiving emails containing a link to malicious software. These emails are subverting spam filters. The email reads as follows: Delivered-To: customer@example.com Received: by 10.14.120.205 Mon, 1 Nov 2010 11:15:24 -0700 (PDT) Received: by 10.231.31.193 Mon, 01 Nov 2010 11:15:23 -0700 (PDT) Return-Path: Received: from 127.0.0.1 for ; Mon, 1 Nov 2010 13:15:14 -0500 (envelope-from ) Received: by smtpex.example.com (SMTP READY) with ESMTP (AIO); Mon, 01 Nov 2010 13:15:14 -0500 Received: from 172.18.45.122 by 192.168.2.55; Mon, 1 Nov 2010 13:15:14 -0500 From: Company To: "customer@example.com" Date: Mon, 1 Nov 2010 13:15:11 -0500 Subject: New Insurance Application Thread-Topic: New Insurance Application Please download and install software from the site below to maintain full access to your account. ________________________________ Additional information: The authorized mail servers IPs are 192.168.2.10 and 192.168.2.11. The network's subnet is 192.168.2.0/25. Which of the following are the MOST appropriate courses of action a security administrator could take to eliminate this risk? (Select TWO).

A. Identify the origination point for malicious activity on the unauthorized mail server.

B. Block port 25 on the firewall for all unauthorized mail servers.

C. Disable open relay functionality.

D. Shut down the SMTP service on the unauthorized mail server.

E. Enable STARTTLS on the spam filter.

CompTIA

CAS-003 · Question #242

CAS-003 Question #242: Real Exam Question with Answer & Explanation

Sign in or unlock CAS-003 to reveal the answer and full explanation for question #242. The question stem and answer options stay visible for context.

Question

Customers are receiving emails containing a link to malicious software. These emails are subverting spam filters. The email reads as follows: Delivered-To: [email protected] Received: by 10.14.120.205 Mon, 1 Nov 2010 11:15:24 -0700 (PDT) Received: by 10.231.31.193 Mon, 01 Nov 2010 11:15:23 -0700 (PDT) Return-Path: [email protected] Received: from 127.0.0.1 for [email protected]; Mon, 1 Nov 2010 13:15:14 -0500 (envelope-from [email protected]) Received: by smtpex.example.com (SMTP READY) with ESMTP (AIO); Mon, 01 Nov 2010 13:15:14 -0500 Received: from 172.18.45.122 by 192.168.2.55; Mon, 1 Nov 2010 13:15:14 -0500 From: Company [email protected] To: "[email protected]" [email protected] Date: Mon, 1 Nov 2010 13:15:11 -0500 Subject: New Insurance Application Thread-Topic: New Insurance Application Please download and install software from the site below to maintain full access to your account. ________________________________ Additional information: The authorized mail servers IPs are 192.168.2.10 and 192.168.2.11. The network's subnet is 192.168.2.0/25. Which of the following are the MOST appropriate courses of action a security administrator could take to eliminate this risk? (Select TWO).

Options

AIdentify the origination point for malicious activity on the unauthorized mail server.
BBlock port 25 on the firewall for all unauthorized mail servers.
CDisable open relay functionality.
DShut down the SMTP service on the unauthorized mail server.
EEnable STARTTLS on the spam filter.

Unlock CAS-003 to see the answer

You've previewed enough free CAS-003 questions. Unlock CAS-003 for full answers, explanations, the timed quiz mode, progress tracking, and the master PDF. Question stem and options stay visible so you can still see what's on the exam.

Unlock CAS-003 - $49.99 / 30 days Sign in

Full CAS-003 Practice