CompTIA Security+ (SY0-501) — Question 863

Confidential emails from an organization were posted to a website without the organization's knowledge. Upon investigation, it was determined that the emails were obtained from an internal actor who sniffed the emails in plain text.
Which of the following protocols, if properly implemented, would have MOST likely prevented the emails from being sniffed? (Choose two.)

Answer options

• A. Secure IMAP
• B. DNSSEC
• C. S/MIME
• D. SMTPS
• E. HTTPS

Correct answer: C, D

Explanation

S/MIME (C) provides encryption and digital signatures for emails, ensuring confidentiality and integrity, which would prevent unauthorized access to the email content. SMTPS (D) secures the email transmission process, protecting the data from being sniffed during transit. The other options, while important for other aspects of security, do not specifically address the interception of email content in this scenario.