300-720 Online Practice Questions and Answers
Email encryption is configured on a Cisco ESA that uses CRES.
Which action is taken on a message when CRES is unavailable?
A. It is requeued.
B. It is sent in clear text.
C. It is dropped and an error message is sent to the sender.
D. It is encrypted by a Cisco encryption appliance.
Which two features of Cisco Email Security are added to a Sender Group to protect an organization against email threats? (Choose two.)
A. NetFlow
B. geolocation-based filtering
C. heuristic-based filtering
D. senderbase reputation filtering
E. content disarm and reconstruction
Which two steps configure Forged Email Detection? (Choose two.)
A. Configure a content dictionary with executive email addresses.
B. Configure a filter to use the Forged Email Detection rule and dictionary.
C. Configure a filter to check the Header From value against the Forged Email Detection dictionary.
D. Enable Forged Email Detection on the Security Services page.
E. Configure a content dictionary with friendly names.
Which two configurations are used on multiple LDAP servers to connect with Cisco ESA? (Choose two.)
A. load balancing
B. SLA monitor
C. active-standby
D. failover
E. active-active
Refer to the exhibit.
How should this configuration be modified to stop delivering Zero Day malware attacks?
A. Change Unscannable Action from Deliver As Is to Quarantine.
B. Change File Analysis Pending action from Deliver As Is to Quarantine.
C. Configure mailbox auto-remediation.
D. Apply Prepend on Modify Message Subject under Malware Attachments.
Users have been complaining of a higher volume of emails containing profanity. The network administrator will need to leverage dictionaries and create specific conditions to reduce the number of inappropriate emails.
Which two filters should be configured to address this? (Choose two.)
A. message
B. spam
C. VOF
D. sender group
E. content
An organization wants to use its existing Cisco ESA to host a new domain and enforce a separate corporate policy for that domain. What should be done on the Cisco ESA to achieve this?
A. Use the smtproutes command to configure a SMTP route for the new domain.
B. Use the deliveryconfig command to configure mail delivery for the new domain.
C. Use the dsestconf command to add a separate destination for the new domain.
D. Use the altrchost command to add a separate gateway for the new domain.
Refer to the exhibit.
An administrator has configured File Reputation and File Analysis on the Cisco ESA; however, is does not function as expected. What must be configured on the Cisco ESA for this to function?
A. Upload the Root CA certificate for the File Reputation cloud to the Cisco ESA.
B. Open port 443 on the firewall for the Cisco ESA to connect to the File Reputation cloud.
C. Restart the File Reputation service to force the scanning engine to connect to the File Reputation cloud.
D. Configure the Cisco ESA to use SSL for the connection to the File Reputation server.
An organization wants to designate help desk personnel to assist with tickets that request the release of messages from the spam quarantine because company policy does not permit end-user quarantine access to employees directly. Which two roles must be used for these personnel to release messages while restricting access to make configuration changes in the Cisco ESA? (Choose two.)
A. Administrator
B. Read-Only Operator
C. Technician
D. Quarantine Administrator
E. Help Desk User
Which restriction is in place for end users accessing the spam quarantine on Cisco ESA devices?
A. The end user must be assigned to the Guest role.
B. Access via a link in a notification in mandatory.
C. Authentication is required when accessing via a link in a notification.
D. Direct access via web browser requires authentication.