1. What is the primary purpose of email gateway security? Answer: To
protect organizations from email-based threats by filtering, scanning, and
controlling email traffic before it reaches end users or leaves the organization.
2. What are the main types of email threats? Answer: Spam, phishing,
malware, ransomware, business email compromise (BEC), spoofing, and data
loss through unauthorized email transmission.
3. What is spam email? Answer: Unsolicited bulk email messages, typically
commercial in nature, that consume network resources and reduce productivity.
4. Define phishing in the context of email security. Answer: A social
engineering attack where attackers impersonate legitimate entities to trick
recipients into revealing sensitive information or performing malicious actions.
5. What is email spoofing? Answer: The practice of forging email headers to
make messages appear to come from a different sender than the actual source.
6. What does BEC stand for and what is it? Answer: Business Email
Compromise - a type of fraud where attackers compromise business email
accounts to conduct unauthorized transfers or data theft.
7. What is the difference between spam and phishing? Answer: Spam is
typically bulk commercial email, while phishing specifically aims to steal
credentials, personal information, or perform fraud through deception.
8. What is email malware? Answer: Malicious software distributed through
email attachments or links that can infect systems, steal data, or provide
unauthorized access.
9. What is ransomware in email context? Answer: Malicious software
delivered via email that encrypts the victim's files and demands payment for
decryption keys.
10. What are the key components of email infrastructure? Answer: Mail
servers (SMTP, POP3, IMAP), DNS (MX records), email clients, and security
gateways.
11. What is SMTP? Answer: Simple Mail Transfer Protocol - the standard
protocol for sending email messages between servers on the internet.
12. What is the difference between POP3 and IMAP? Answer: POP3
downloads emails to local storage and removes them from the server, while
IMAP keeps emails on the server for access from multiple devices.
13. What are MX records? Answer: Mail Exchange records in DNS that
specify which mail servers are responsible for receiving email for a domain.
14. What is email flow in a typical organization? Answer: Inbound: Internet
→ Email Gateway → Mail Server → End User. Outbound: End User → Mail
Server → Email Gateway → Internet.
15. What is the role of an email gateway? Answer: To act as a security
checkpoint that filters, scans, and controls email traffic entering and leaving an
organization.
16. What is email encryption? Answer: The process of encoding email content
to protect it from unauthorized access during transmission or storage.
17. What is TLS in email context? Answer: Transport Layer Security - a
protocol that encrypts email communication between servers during
transmission.
18. What is email authentication? Answer: Methods to verify the legitimacy
of email senders and prevent spoofing, including SPF, DKIM, and DMARC.
19. What does SPF stand for and what does it do? Answer: Sender Policy
Framework - an email authentication method that specifies which IP addresses
are authorized to send email for a domain.
20. What is DKIM? Answer: DomainKeys Identified Mail - an email
authentication method that uses digital signatures to verify email integrity and
sender authenticity.
21. What is DMARC? Answer: Domain-based Message Authentication,
Reporting, and Conformance - a protocol that builds on SPF and DKIM to
provide sender authentication and policy enforcement.
22. What is email archiving? Answer: The process of capturing, storing, and
indexing email communications for compliance, legal, and business continuity
purposes.
23. What is data loss prevention (DLP) in email? Answer: Technology that
identifies, monitors, and protects sensitive data from unauthorized transmission
via email.
24. What is email quarantine? Answer: A secure holding area where
suspicious or blocked emails are stored for review before being delivered or
deleted.
25. What is a false positive in email security? Answer: When legitimate email
is incorrectly identified as spam, phishing, or malicious and blocked or
quarantined.
26. What is a false negative in email security? Answer: When malicious
email is incorrectly identified as legitimate and allowed through security filters.
27. What is email reputation? Answer: A scoring system that evaluates the
trustworthiness of email senders based on their sending history and behavior.
28. What is a blacklist in email security? Answer: A list of IP addresses,
domains, or email addresses that are blocked from sending email to the
organization.
29. What is a whitelist in email security? Answer: A list of trusted IP
addresses, domains, or email addresses that are allowed to bypass certain
security filters.
30. What is email sandboxing? Answer: A security technique that executes
suspicious email attachments in an isolated environment to detect malicious
behavior.
31. What is email throttling? Answer: The practice of limiting the rate at
which emails are processed or delivered to prevent system overload.
32. What is an email relay? Answer: A server that forwards email messages
from one mail server to another, often used for routing or security purposes.
33. What is email bouncing? Answer: When an email cannot be delivered and
is returned to the sender with an error message explaining the failure reason.
34. What is email spoofing protection? Answer: Security measures designed
to prevent attackers from forging sender information in email headers.