CAS-005 · Question #226
CAS-005 Question #226: Real Exam Question with Answer & Explanation
The correct answer is D: Deploying sandboxing. To significantly improve an email security solution on an email gateway, deploying sandboxing provides enhanced protection against advanced and unknown threats.
Question
During a review of the email security solution, a security analyst collects the following information: Which of the following is the best way to improve the email security solution on the email gateway?
Options
- AEnabling allow lists
- BConfiguring signature-based detection
- CImplementing a HIDS
- DDeploying sandboxing
Explanation
To significantly improve an email security solution on an email gateway, deploying sandboxing provides enhanced protection against advanced and unknown threats.
Common mistakes.
- A. Enabling allow lists (whitelisting) can reduce unwanted email but is prone to configuration errors and does not protect against malicious content from legitimate but compromised senders.
- B. Configuring signature-based detection is a foundational security measure but is reactive and ineffective against novel, polymorphic malware or zero-day exploits without known signatures.
- C. Implementing a HIDS (Host-based Intrusion Detection System) monitors individual endpoints, which is valuable for host-level security, but it does not improve the email gateway's ability to stop threats before they reach the endpoint.
Concept tested. Advanced email gateway security features
Reference. https://www.kaspersky.com/resource-center/definitions/what-is-sandboxing
Community Discussion
No community discussion yet for this question.