A financial organization's security team has detected a significant increase in phishing attempts against its employees. In response to this threat, the team has decided to employ a mechanism that verifies the identity of email senders and checks if the emails are from trusted sources before reaching the employees. Which type of security control is the team MOST likely implementing?
The team is most likely implementing technical controls in the form of email security technologies, such as Sender Policy Framework (SPF) and Domain-based Message Authentication, Reporting, and Conformance (DMARC). These technologies help to verify sender identities and assess the trustworthiness of the emails, acting as preventive controls to stop phishing attempts before they reach the employees.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What are technical controls in cybersecurity?
Open an interactive chat with Bash
Can you explain SPF and DMARC in detail?
Open an interactive chat with Bash
What is the difference between technical, operational, and managerial controls?