A company’s domain has been spooled in numerous phishing campaigns.
An analyst needs to determine the company is a victim of domain spoofing, despite having a DMARC record that should tell mailbox providers to ignore any email that fails DMARC upon review of the record, the analyst finds the following:
Which of the following BEST explains the reason why the company’s requirements are not being processed correctly by mailbox providers?
A . The DMARC record’s DKIM alignment tag Is incorrectly configured.
B . The DMARC record’s policy tag is incorrectly configured.
C . The DMARC record does not have an SPF alignment tag.
D . The DMARC record’s version tag is set to DMARC1 instead of the current version, which is DMARC3.
Answer: B
Explanation:
The DMARC record’s policy tag is incorrectly configured and explains why the company’s requirements are not being processed correctly by mailbox providers. The policy tag (p) specifies how mailbox providers should handle messages from the domain that fail DMARC checks. The possible values for the policy tag are none, quarantine, or reject1. None means that no action is taken on failed messages and only reports are sent. Quarantine means that failed messages are treated as suspicious and may be filtered or marked as spam. Reject means that failed messages are rejected and not delivered. In this case, the company’s DMARC record has a policy tag value of none, which means that mailbox providers will not ignore any email that fails DMARC as required by the company. Instead, mailbox providers will deliver all messages from the domain regardless of their DMARC status and only send reports to the company. To fix this issue, the company should change its policy tag value to reject, which means that mailbox providers will reject and ignore any email that fails DMARC as required by the company. The DMARC record’s DKIM alignment tag (A) is not incorrectly configured and does not explain why the company’s requirements are not being processed correctly by mailbox providers. The DKIM alignment tag (adkim) specifies how strictly mailbox providers should match DKIM identifiers with From domain identifiers2. The possible values for DKIM alignment tag are s or r. S means strict alignment, which means that DKIM identifiers must exactly match From domain identifiers. R means relaxed alignment, which means that DKIM identifiers must match From domain identifiers at an organizational level (e.g., subdomain.example.com and example.com are considered aligned). In this case, the company’s DMARC record has a DKIM alignment tag value of r, which means that mailbox providers will use relaxed alignment for DKIM verification.
Latest CS0-002 Dumps Valid Version with 220 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund