It's time for a pop quiz to test your knowledge of e-mail security! If you graduated from our E-mail Security School, see how much knowledge you retained. If not, here's your chance to see if summer school is in order. For each question you'll find links to the corresponding Security School learning materials so you can quickly freshen up on weak areas.
1.) What "layer" of an e-mail message should you consider when evaluating e-mail security?
d. All of the above
2.) Why isn't S/MIME the perfect solution to e-mail security?
a. It provides authentication and privacy, but not integrity checking.
b. It provides authentication and integrity checking, but not privacy.
c. It has scalability problems.
d. What are you talking about? It is the perfect solution.
3.) What is a spam cocktail?
a. An ISP that allows the distribution of spam.
b. A piece of spam sent to multiple recipients within the same organization.
c. A deluge of spam mixed with legitimate e-mail in a user's inbox.
d. A combination of techniques used to identify spam.
4.) In what order should you digitally sign and inject a footer into an e-mail message?
a. First inject the footer, then digitally sign.
b. First digitally sign, then inject the footer.
c. It doesn't matter.
d. You can't do both, period.
5.) What are the two most common errors associated with keyword searching across e-mail messages?
a. Ignoring the subject line
b. Ignoring case significance
c. Improper word stemming
d. Ignoring alphanumeric characters
6.) When considering antispam products, which of the following should you look for?
a. A 100% false-negative rate
b. A high false-negative rate
c. A 0% false-positive rate
d. A low false-positive rate
7.) When might a virus scanner not know whether or not a message has a virus?
a. If the message is encrypted
b. If the archive is protected
c. If the message causes the scanner to crash
d. All of the above
8.) Why wouldn't you want to simply delete a message for an invalid recipient?
a. It might be spam.
b. It might be a virus, and you should let the sender know.
c. The sender may have misspelled the recipient's e-mail address.
d. None of the above
9.) What happens if you digitally sign and inject a footer on a message in the wrong order?
b. The message won't be sent.
c. The footer will invalidate the signature.
d. The footer will be illegible.
10.) When is it better to run antispam on an e-mail client, as opposed to the external MTA?
a. When users prefer to have control.
b. When you want maximum performance from a product.
c. When you want a direct connection between the antispam product and the spammer.
d. When you want the product to collect the real IP address of the sender.
This was first published in July 2005