CompTIA Security+ (SY0-601) — Question 438

A company recently suffered a breach in which an attacker was able to access the internal mail servers and directly access several user inboxes. A large number of email messages were later posted online. Which of the following would best prevent email contents from being released should another breach occur?

Answer options

• A. Implement S/MIME to encrypt the emails at rest.
• B. Enable full disk encryption on the mail servers.
• C. Use digital certificates when accessing email via the web.
• D. Configure web traffic to only use TLS-enabled channels.

Correct answer: A

Explanation

The correct answer is A because S/MIME encrypts email messages, ensuring that even if the mail servers are compromised, the contents remain unreadable without the proper decryption keys. Option B, while providing security for the entire disk, does not specifically protect individual email contents. Option C relates to secure access but does not encrypt the emails themselves, and option D secures transport but does not protect stored email data.