CompTIA SecurityX (CAS-005) — Question 301

A systems administrator is working with clients to verify email-based services are performing properly. The administrator wants to have the email server digitally sign outbound emails using the organization's private key. Which of the following should the systems administrator configure?

Answer options

• A. SPF
• B. DKIM
• C. DMARC
• D. TLS

Correct answer: B

Explanation

The correct answer is DKIM, as it allows the email server to digitally sign emails using the organization's private key, ensuring authenticity. SPF is used to specify which mail servers are permitted to send email on behalf of the domain, while DMARC builds on SPF and DKIM to provide a way to validate emails. TLS is a protocol for securing communications but does not involve digital signatures.