Email Header Analysis Report
Role: Security Operations Center (SOC) Analyst

1. Incident Summary

A user reported an email claiming to confirm registration for a “2024 Tech Conference.” Although the email content appeared legitimate, it was flagged for investigation due to uncertainty about whether the user had registered for the event. The Security Operations Center (SOC) conducted an email header analysis using MXToolbox and Sublime Text to determine the authenticity of the message.

2. Analysis Approach

The following triage steps were performed:

- Extracted the full email header
- Parsed the header using MXToolbox
- Conducted manual inspection using Sublime Text
- Reviewed SPF, DKIM, and DMARC authentication results
- Analyzed the “Received” header to identify the origin
- Evaluated consistency between sender doma...
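
The SPF/DKIM/DMARC review and the Received-header origin check from the triage steps above can also be scripted. The following Python code is an added example, not part of the original report; the sample header, its domains and IP addresses, and the trusted server name `mx.recipient.example` are constructed assumptions.

```python
import email
import re

# Constructed sample header (documentation domains/IPs, not taken from the report).
SAMPLE = """\
Received: from mx.recipient.example (mx.recipient.example [192.0.2.10])
\tby mailstore.recipient.example with ESMTP id A1; Mon, 01 Jan 2024 10:00:05 +0000
Received: from mail.sender.example (unknown [203.0.113.45])
\tby mx.recipient.example with ESMTP id B2; Mon, 01 Jan 2024 10:00:03 +0000
Authentication-Results: mx.recipient.example;
\tspf=fail smtp.mailfrom=bounce.mailer.example;
\tdkim=none;
\tdmarc=fail header.from=techconf.example
From: "2024 Tech Conference" <registration@techconf.example>
Subject: Registration confirmed

(body omitted)
"""

def auth_results(msg, trusted_authserv):
    """Collect SPF/DKIM/DMARC verdicts, but only from Authentication-Results
    headers stamped by our own receiving server; others can be sender-forged."""
    verdicts = {}
    for value in msg.get_all("Authentication-Results", []):
        authserv = value.split(";", 1)[0].strip().lower()
        if authserv != trusted_authserv.lower():
            continue
        for mech, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", value, re.I):
            verdicts.setdefault(mech.lower(), result.lower())
    return verdicts

def origin_hop(msg):
    """Each relay prepends its Received header, so the last one in the
    message is the earliest hop. Returns (claimed_host, connecting_ip)."""
    received = msg.get_all("Received", [])
    if not received:
        return None
    earliest = " ".join(received[-1].split())  # unfold continuation lines
    m = re.search(r"from\s+(\S+)\s+\((\S*)\s*\[([0-9A-Fa-f.:]+)\]\)", earliest)
    return (m.group(1), m.group(3)) if m else None

def failed_checks(verdicts):
    """Mechanisms that did not return 'pass' (a missing verdict counts as failed)."""
    return [m for m in ("spf", "dkim", "dmarc") if verdicts.get(m) != "pass"]

MSG = email.message_from_string(SAMPLE)
if __name__ == "__main__":
    v = auth_results(MSG, "mx.recipient.example")
    print(v, failed_checks(v), origin_hop(MSG))
```

Only the Received header written by your own border server is reliable; the host name in an earlier hop is whatever the connecting system claimed, so the bracketed IP is the value to pivot on.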
