Which DNS record is commonly used to publish DKIM public keys?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Study for the CCST Cybersecurity Test. Study with flashcards and multiple choice questions, each question has hints and explanations. Get ready for your exam!

Multiple Choice

Which DNS record is commonly used to publish DKIM public keys?

Explanation:
DKIM public keys are published in DNS, and the standard method is a TXT record. The TXT record holds the actual public key data (and related DKIM parameters) in a text string that mail receivers can fetch and parse to verify a DKIM signature. This record is placed under a name that includes the selector, like selector._domainkey.example.com, so verifiers know which key to use for a given signing domain. Other DNS record types serve different purposes: A records map hostnames to IP addresses, MX records specify mail servers, and CNAME records create aliases. None of these are designed to carry the cryptographic key material in the format DKIM requires, so they aren’t used to publish the DKIM public key.

DKIM public keys are published in DNS, and the standard method is a TXT record. The TXT record holds the actual public key data (and related DKIM parameters) in a text string that mail receivers can fetch and parse to verify a DKIM signature. This record is placed under a name that includes the selector, like selector._domainkey.example.com, so verifiers know which key to use for a given signing domain.

Other DNS record types serve different purposes: A records map hostnames to IP addresses, MX records specify mail servers, and CNAME records create aliases. None of these are designed to carry the cryptographic key material in the format DKIM requires, so they aren’t used to publish the DKIM public key.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy