CompTIA Security+ (SY0-701) — Question 423

A security architect wants to prevent employees from receiving malicious attachments by email. Which of the following functions should the chosen solution do?

Answer options

• A. Apply IP address reputation data.
• B. Tap and monitor the email feed.
• C. Scan email traffic inline.
• D. Check SPF records.

Correct answer: C

Explanation

The correct answer is C, as scanning email traffic inline allows for real-time detection and removal of malicious attachments before they reach the user. Options A and D focus on reputation and authentication checks, which do not actively block attachments. Option B involves monitoring but does not prevent harmful emails from being delivered.