CompTIA CASP+ (CAS-003) — Question 29

A security administrator wants to allow external organizations to cryptographically validate the company's domain name in email messages sent by employees.
Which of the following should the security administrator implement?

Answer options

• A. SPF
• B. S/MIME
• C. TLS
• D. DKIM

Correct answer: D

Explanation

The correct answer is DKIM, as it allows the verification of the sender's domain through cryptographic signatures in emails, ensuring authenticity. SPF is used for sender policy verification, S/MIME provides end-to-end encryption, and TLS secures the transport of emails but does not validate the domain itself.