CompTIA Security Plus Mock Test Q336

Several employees submit the same phishing email to the administrator. The administrator finds that the links in the email are not being blocked by the company’s security device. Which of the following might the administrator do in the short term to prevent the emails from being received?

A. Configure an ACL
B. Implement a URL filter
C. Add the domain to a block list
D. Enable TLS on the mail server

Correct Answer: C
Section: Compliance and Operational Security

Blocking e-mail is the same as preventing the receipt of those e-mails and this is done by applying a filter. But the filter must be configured to block it. Thus you should add that specific domain from where the e-mails are being sent to the list of addresses that is to be blocked.

Incorrect Answers:
A: ACLs enable devices in your network to ignore requests from specified users or systems or to grant them access to certain network capabilities.
B: URL filtering involves blocking websites (or sections of websites) based solely on the URL, restricting access to specified websites and certain web-based applications.
D: TLS is a security protocol that further enhances SSL and though this is also a solution to establish a secure communication connection between two TCP-based machines, it is not
short term to prevent emails from being received.

Dulaney, Emmett and Chuck Eastton, CompTIA Security+ Study Guide, 6th Edition, Sybex, Indianapolis, 2014, pp. 119, 269