Email Security & Monitoring Data (sec +)

Mail Gateway

a specialized server that sits between an organization's internal email system and the external network (the internet) and processes all incoming and outgoing email

Sender Policy Framework (SPF)

a DNS text record that lists the IP addresses of all authorized mail servers permitted to send email on behalf of a specific domain, helping to prevent email spoofing and phishing

DomainKeys Identified Mail (DKIM)

an email authentication technique that uses public-key cryptography to digitally sign outgoing emails with a private key

Domain-based Message Authentication, Reporting, and Conformance (DMARC)

an email authentication protocol that builds on SPF and DKIM to provide senders with a way to specify policy on how receiving servers should handle emails that fail authentication, and offers reporting on authentication results

File Integrity Monitoring (FIM)

a security process that monitors and validates the state of operating system and application files to detect unauthorized changes

System File Checker (SFC)

a command-line utility that scans and verifies the integrity of protected system files and, if a file is found to be corrupt or modified, it will replace it with a cached copy from a compressed folder

Linux Tripwire

creates a baseline database of cryptographic hashes for critical system files and directories, and then alerts administrators whenever unauthorized or unexpected changes occur to those files

Data Loss Prevention (DLP)

a set of tools and processes designed to prevent sensitive information from leaving a corporate network or endpoint via unauthorized channels

Data in Use

the state of data that is actively being created, retrieved, updated, or processed by a computer system's CPU and memory (RAM)

Data in Motion

the state of data that is actively being transferred or communicated over a network connection, such as the internet, a corporate LAN, or a wireless link

Data at Rest

USB Blocking

a security measure that restricts or completely prevents the use of USB storage devices on endpoints to mitigate the risk of data theft (DLP)