CompTIA CySA+ (CS0-002) — Question 279

The Chief Information Officer of a large cloud software vendor reports that many employees are falling victim to phishing emails because they appear to come from other employees. Which of the following would BEST prevent this issue?

Answer options

• A. Include digital signatures on messages originating within the company.
• B. Require users to authenticate to the SMTP server.
• C. Implement DKIM to perform authentication that will prevent the issue.
• D. Set up an email analysis solution that looks for known malicious links within the email.

Correct answer: C

Explanation

Implementing DKIM (DomainKeys Identified Mail) is the best solution because it verifies the authenticity of the email sender, thus reducing the likelihood of phishing attacks that impersonate internal users. While digital signatures (option A) and SMTP server authentication (option B) improve security, they do not specifically address the phishing issue as effectively as DKIM. Setting up an email analysis solution (option D) can help detect malicious links but does not prevent phishing emails from being delivered in the first place.