CSCU - Certified Secure Computer User Email Communication Security Questions and Answers

Question 1

An employee receives an email that appears to be from a known supplier with an invoice attached. However, they notice the sender's domain is 'supp1ier.com' instead of the usual 'supplier.com'. This is a classic indicator of what type of attack?

Accepted Answer

Typosquatting

Answer

Typosquatting, also known as URL hijacking, is a form of social engineering where attackers register domain names with slight variations or misspellings of legitimate domains. They use these domains to send phishing emails, hoping recipients won't notice the small difference and will trust the fraudulent message.

Question 2

What primary security service does a digital signature provide for an email message, ensuring that the sender cannot later deny having sent the message?

Accepted Answer

Non-repudiation

Answer

A digital signature provides authentication (proof of sender), integrity (proof the message wasn't altered), and non-repudiation. Non-repudiation is the assurance that someone cannot deny the validity of something, meaning the sender cannot deny having sent the message. Confidentiality is provided by encryption, not signatures.

Question 3

Which of the following technologies is specifically designed to provide end-to-end encryption for the content of an email, ensuring only the intended recipient can read it?

Accepted Answer

PGP (Pretty Good Privacy)

Answer

PGP (and its open-source standard OpenPGP) is a widely used protocol for encrypting the content of emails end-to-end. While SSL/TLS encrypts the connection between your email client and the server, it does not protect the email content at rest on the server or after it's delivered. WPA3 is for Wi-Fi security, and MAC filtering is a network access control method.

Question 4

When sending a newsletter to a large group of external contacts, what is the primary privacy benefit of using the Blind Carbon Copy (Bcc) field?

Accepted Answer

It prevents recipients from seeing each other's email addresses.

Answer

The Bcc field hides the recipient list from view. When you place email addresses in the Bcc field, those addresses are invisible to everyone else who receives the message, thereby protecting the privacy of your contacts.

Question 5

A user needs to send a contract containing sensitive financial data to a business partner via email. Which of the following is the MOST secure method to protect the document?

Accepted Answer

Password-protecting the document using strong AES encryption before attaching it.

Answer

Encrypting the document itself with a strong password using a standard like AES-256 provides robust protection for the file's contents. This ensures that even if the email is intercepted, the attachment remains unreadable without the password. The password should be shared through a separate, secure channel (e.g., a phone call). Simply zipping or renaming the file offers no real security.

CSCU - Certified Secure Computer User Practice Test

CSCU - Certified Secure Computer User Practice Test

CSCU - Certified Secure Computer User Email Communication Security Questions and Answers