CompTIA CySA+ (CS0-002) — Question 214

A security technician is testing a solution that will prevent outside entities from spoofing the company’s email domain, which is comptia.org. The testing is successful, and the security technician is prepared to fully implement the solution. Which of the following actions should the technician take to accomplish this task?

Answer options

• A. Add TXT @ "v=spfl mx include:_spf.comptia.org -all" to the DNS record.
• B. Add TXT @ "v=spfl mx include:_spf.comptia.org -all" to the email server.
• C. Add TXT @ "v=spfl mx include:_spf.comptia.org +all" to the domain controller.
• D. Add TXT @ "v=spfl mx include:_spf.comptia.org +all" to the web server.

Correct answer: A

Explanation

The correct answer is A because adding the SPF record to the DNS record enables the domain to specify which mail servers are allowed to send emails on its behalf, effectively preventing spoofing. Options B, C, and D are incorrect because they suggest placing the SPF record in inappropriate locations; the DNS is the correct place for SPF records.