CompTIA Security+ (SY0-501) — Question 342

A penetration tester finds that a company's login credentials for the email client were being sent in clear text. Which of the following should be done to provide encrypted logins to the email server?

Answer options

• A. Enable IPSec and configure SMTP.
• B. Enable SSH and LDAP credentials.
• C. Enable MIME services and POP3.
• D. Enable an SSL certificate for IMAP services.

Correct answer: D

Explanation

Enabling an SSL certificate for IMAP services ensures that the login credentials are transmitted securely over the network, thus protecting them from being intercepted. The other options, while they may involve security protocols, do not specifically address the need for encrypted logins to the email server, making them unsuitable for this scenario.