CompTIA CASP+ (CAS-003) — Question 377

The email administrator must reduce the number of phishing emails by utilizing more appropriate security controls. The following configurations already are in place:
✑ Keyword blocking based on word lists
✑ URL rewriting and protection
✑ Stripping executable files from messages
Which of the following is the BEST configuration change for the administrator to make?

Answer options

• A. Configure more robust word lists for blocking suspicious emails.
• B. Configure appropriate regular expression rules per suspicious email received.
• C. Configure Bayesian filtering to block suspicious inbound email.
• D. Configure the mail gateway to strip any attachments.

Correct answer: B

Explanation

The best option is B because configuring appropriate regular expression rules can provide a more precise and flexible way to identify suspicious email patterns beyond simple keyword blocking. Options A and C may enhance filtering but do not address the need for specific pattern recognition, while D could be too restrictive and may block legitimate emails.