CompTIA CySA+ (CS0-003) — Question 54
During an incident involving phishing, a security analyst needs to find the source of the malicious email. Which of the following techniques would provide the analyst with this information?
Answer options
- A. Header analysis
- B. Packet capture
- C. SSL inspection
- D. Reverse engineering
Correct answer: A
Explanation
Header analysis is the most effective technique for tracing the source of a malicious email because it reveals the email's routing information and sender details. Packet capture, SSL inspection, and reverse engineering are not specifically aimed at identifying where an email originated, which makes them less suitable for this task.