CompTIA Security+ (SY0-501) — Question 861
To further secure a company's email system, an administrator is adding public keys to DNS records in the company's domain. Which of the following is being used?
Answer options
- A. PFS
- B. SPF
- C. DMARC
- D. DNSSEC
Correct answer: D
Explanation
The correct answer is DNSSEC, which is used to add a layer of security to DNS by enabling the authentication of the responses received. PFS, SPF, and DMARC serve different purposes: PFS relates to encryption protocols, SPF is for email sender verification, and DMARC combines SPF and DKIM for email validation, but none of them involve adding public keys to DNS records.