-
Book Overview & Buying
-
Table Of Contents
-
Feedback & Rating

Effective Threat Investigation for SOC Analysts
By :

Due to the increase in email threats and the use of spoofing techniques to impersonate known legitimate domains, it has become crucial for SOC analysts to understand the email message flow and email authentication process, as well as analyze email headers to collect additional artifacts and investigate and observe potential spoofing attempts.
The objective of this chapter is to learn about the email message flow and understand email authentication protocols such as Sender Policy Framework (SPF), DomainKeys Identified Mail (DKIM), and Domain-Based Message Authentication, Reporting, and Conformance (DMARC) and how they work. You will also learn how to analyze an email’s message header and observe any spoofing attempts by analyzing it.
In this chapter, we’re going to cover the following main topics:
Let...
Change the font size
Change margin width
Change background colour