Study HIGH Quality 300-720 Free Study Guides and Exams Tutorials
Download Cisco 300-720 Exam Dumps to Pass Exam Easily
NEW QUESTION # 78
Which antispam feature is utilized to give end users control to allow emails that are spam to be delivered to their inbox, overriding any spam verdict and action on the Cisco ESA?
- A. end user allow list
- B. end user spam quarantine access
- C. end user passthrough list
- D. end user safelist
Answer: D
Explanation:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa13-
0/user_guide/b_ESA_Admin_Guide_13-0.pdf P.129
NEW QUESTION # 79
Which two statements about configuring message filters within the Cisco ESA are true? (Choose two.)
- A. Message filters configuration within the web user interface is located within Incoming Content Filters.
- B. Message filters can be configured only from the web user interface.
- C. The filterconfig command executed from the CLI is used to configure message filters.
- D. The filters command executed from the CLI is used to configure the message filters.
- E. Message filters can be configured only from the CLI.
Answer: D,E
Explanation:
Message filters can only be applied to the ESA via command line. So, you will need command line access to the ESA.
Log into the ESA via command line.
Run the following highlighted commands to apply the message filter to the ESA:
ironport.example.com> filters
Choose the operation you want to perform:
- NEW - Create a new filter.
- IMPORT - Import a filter script from a file.
[]> NEW
Enter filter script. Enter '.' on its own line to end.
large_spam_no_attachment:
if ((body-size > 2097152) AND NOT (attachment-size > 0)) {
quarantine("large_spam");
log-entry("*****This is a large message with no attachments*****");
}
.
1 filters added.
NEW QUESTION # 80
Which two features are applied to either incoming or outgoing mail policies? (Choose two.)
- A. Indication of Compromise
- B. application filtering
- C. sender reputation filtering
- D. outbreak filters
- E. antivirus
Answer: D,E
Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/ b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_chapter_01001.html
NEW QUESTION # 81
Which restriction is in place for end users accessing the spam quarantine on Cisco Secure Email Gateway appliances?
- A. The end user must be assigned to the Guest role
- B. Direct access via web browser requires authentication.
- C. Authentication is required when accessing via a link in a notification.
- D. Access via a link in a notification is mandatory.
Answer: B
Explanation:
Direct access via web browser requires authentication is the restriction that is in place for end users accessing the spam quarantine on Cisco Secure Email Gateway appliances. Spam quarantine is a feature that allows Cisco ESA to store messages that are suspected to be spam and allow end users or administrators to review them and release or delete them as needed.
End users can access their personal spam quarantine on Cisco ESA either by clicking on a link in a notification email or by entering their email address and password in a web browser. In both cases, authentication is required to ensure security and privacy.
The other options are not valid restrictions that are in place for end users accessing the spam quarantine on Cisco Secure Email Gateway appliances, because they are either not mandatory or not related to authentication.
NEW QUESTION # 82
The company security policy requires that the finance department have an easy way to apply encryption to their outbound messages that contain sensitive data Users must be able to flag the messages that require encryption versus a Cisco Secure Email Gateway appliance scanning all messages and automatically encrypting via detection Which action enables this capability?
- A. Create a DLP policy manager message action with encryption enabled and apply it to active DLP policies for outgoing mail.
- B. Create an encryption profile and an outgoing content filter that includes \[SECURE\] within the Subject Header: Contains condition along with the Encrypt and Deliver Now action
- C. Create an outgoing content filter with no conditions and with the Encrypt and Deliver Now action configured with [SECURE] in the Subject setting
- D. Create an encryption profile with [SECURE] in the Subject setting and enable encryption on the mail flow policy
Answer: B
Explanation:
According to the [Cisco Secure Email Encryption Service Add-In User Guide], you can create an encryption profile that defines the encryption settings and options for your encrypted messages[2, p. 11]. You can also create an outgoing content filter that applies the encryption profile to the messages that match certain conditions, such as having [SECURE] in the subject header[2, p. 12]. This way, you can allow users to flag the messages that require encryption by adding [SECURE] to the subject line.
The other options are not valid because:
A) Creating an encryption profile with [SECURE] in the Subject setting and enabling encryption on the mail flow policy will not work, as the Subject setting in the encryption profile is used to specify the subject line of the encrypted message envelope, not the original message[2, p. 11].
B) Creating an outgoing content filter with no conditions and with the Encrypt and Deliver Now action configured with [SECURE] in the Subject setting will not work, as this will encrypt all outgoing messages regardless of whether they have [SECURE] in the subject line or not[2, p. 12].
D) Creating a DLP policy manager message action with encryption enabled and applying it to active DLP policies for outgoing mail will not work, as this will encrypt messages based on DLP rules that detect sensitive data in the message content, not based on user flags in the subject line.
NEW QUESTION # 83 
Refer to the exhibit. What is the correct order of commands to set filter 2 to active?
- A. filters-> modify-> All-> Active
- B. filters-> detail-> 2-> 1
- C. filters-> set-> 2-> 1
- D. filters-> edit-> 2-> Active
Answer: C
NEW QUESTION # 84
Which two statements about configuring message filters within the Cisco ESA are true? (Choose two.)
- A. Message filters configuration within the web user interface is located within Incoming Content Filters.
- B. Message filters can be configured only from the web user interface.
- C. The filterconfig command executed from the CLI is used to configure message filters.
- D. The filters command executed from the CLI is used to configure the message filters.
- E. Message filters can be configured only from the CLI.
Answer: D,E
NEW QUESTION # 85
Refer to the exhibit.
For improved security, an administrator wants to warn users about opening any links or attachments within an email How must the administrator configure an HTML-coded message at the top of an email body to create this warning?
- A. Create a text resource type of Notification Template, paste the HTML code into the text box, then use this text resource inside a content filter.
- B. Create a text resource type of Notification Template, change to code view to paste the HTML code into the text box. then use this text resource inside a content filter.
- C. Create a text resource type of Disclaimer Template paste the HTML code into the text box. then use this text resource inside a content filter
- D. Create a text resource type of Disclaimer Template change to code view to paste the HTML code into the text box, then use this text resource inside a content filter
Answer: D
Explanation:
According to the [Cisco Secure Email User Guide], you can create a text resource of type Disclaimer Template and use the code view option to insert HTML code into the text box. Then, you can use this text resource in a content filter to prepend or append the HTML message to the email body[1, p. 15-16].
The other options are not valid because:
A) Creating a text resource type of Disclaimer Template and pasting the HTML code into the text box without changing to code view will not work, as the HTML code will be treated as plain text and not rendered properly[1, p. 15].
C) Creating a text resource type of Notification Template and pasting the HTML code into the text box will not work, as Notification Templates are used for sending notifications to senders or recipients, not for modifying the email body[1, p. 17].
D) Creating a text resource type of Notification Template and changing to code view to paste the HTML code into the text box will not work, as Notification Templates are used for sending notifications to senders or recipients, not for modifying the email body[1, p. 17].
NEW QUESTION # 86
The CEO sent an email indicating that all emails containing a string of 123ABCDEFGHJ cannot be delivered and must be sent into quarantine for further inspection. Given the requirement, which regular expression should be used to match on that criteria?
- A. \W{3}[A-Z]{9}
- B. \\D{3}[A-Z]{9}
- C. \d{3}[A-Z]{9}
- D. {3}\d{9}[A-Z]
Answer: C
Explanation:
A regular expression is a sequence of characters that defines a search pattern for text. To match a string of 123ABCDEFGHJ, you need to use the following regular expression: \d{3}[A-Z]{9}. This expression means that the string must start with three digits (\d{3}), followed by nine uppercase letters ([A-Z]{9}). This expression will match any string that has the same format as 123ABCDEFGHJ. Reference = User Guide for AsyncOS 12.0 for Cisco Email Security Appliances - GD (General Deployment) - Regular Expressions [Cisco Secure Email Gateway] - Cisco
NEW QUESTION # 87
Refer to the exhibit. Which configuration on the scan behavior must be updated to allow the attachment to be scanned on the Cisco ESA?
- A. Add an additional mapping for attachment type for zip files.
- B. Enable assume match pattern if the email was not scanned for any reason.
- C. Increase the maximum recursion depth from 5 to a larger value.
- D. Increase the maximum attachment size to scan to a larger value.
Answer: D
Explanation:
The maximum attachment size to scan is a configuration on the scan behavior that determines the maximum size of an attachment that Cisco ESA will scan for viruses and malware. If an attachment exceeds this size, Cisco ESA will apply the configured action for unscannable messages, such as deliver, drop, or quarantine.
To allow the attachment to be scanned on the Cisco ESA, this configuration must be updated to a larger value than the attachment size, which is 10 MB according to the message header.
The other options are not valid configurations to allow the attachment to be scanned on the Cisco ESA, because they do not affect the maximum attachment size to scan.
NEW QUESTION # 88
Refer to the exhibit.
Which SPF record is valid for mycompany.com?
- A. v=spf1 a mx ip4:199.209.31.21 -all
- B. v=spf1 a mx ip4:199.209.31.2 -all
- C. v=spf1 a mx ip4:10.1.10.23 -all
- D. v=spf1 a mx ip4:172.16.18.230 -all
Answer: D
NEW QUESTION # 89
Which two statements about configuring message filters within the Cisco ESA are true? (Choose two.)
- A. Message filters configuration within the web user interface is located within Incoming Content Filters.
- B. Message filters can be configured only from the web user interface.
- C. The filterconfig command executed from the CLI is used to configure message filters.
- D. The filters command executed from the CLI is used to configure the message filters.
- E. Message filters can be configured only from the CLI.
Answer: D,E
Explanation:
Explanation/Reference:
Reference: https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/213940-esa- using-a-message-filter-to-take-act.html
NEW QUESTION # 90
An organization has multiple Cisco Secure Email Gateway appliances deployed, resulting in several spam quarantines to manage. To manage the quarantined messages, the administrator enabled the centralized spam quarantine on the Cisco Secure Email and Web Manager appliance and configured the external spam quarantine on the Cisco Secure Email Gateway appliances. However, messages are still being directed to the local quarantine on the Cisco Secure Email Gateway appliances What change is necessary to complete the configuration?
- A. Modify the external spam quarantine settings on the Cisco Secure Email Gateway appliances and change the port to 25
- B. Modify the incoming mail policies on the Cisco Secure Email Gateway appliances to redirect to the external quarantine
- C. Disable the external spam quarantine on the Cisco Secure Email Gateway appliances
- D. Disable the local spam quarantine on the Cisco Secure Email Gateway appliances.
Answer: D
Explanation:
To use the centralized spam quarantine on the Cisco Secure Email and Web Manager appliance, the administrator must disable the local spam quarantine on the Cisco Secure Email Gateway appliances. This will prevent messages from being stored in both quarantines and avoid confusion for end users and administrators. Reference: [Cisco Secure Email and Web Manager User Guide - Configuring Centralized Spam Quarantine]
NEW QUESTION # 91
Which feature must be configured before an administrator can use the outbreak filter for nonviral threats?
- A. antispam
- B. data loss prevention
- C. antivirus
- D. quarantine threat level
Answer: A
Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01110.html
NEW QUESTION # 92
Which two query types are available when an LDAP profile is configured? (Choose two.)
- A. routing
- B. group
- C. proxy consolidation
- D. recursive
- E. user
Answer: A,E
Explanation:
User and routing are two query types that are available when an LDAP profile is configured on Cisco ESA. User queries are used to validate end-user credentials, such as for Spam Quarantine End-User Authentication or SMTP Authentication. Routing queries are used to determine the destination mail server for a recipient, such as for Mail Flow Policies or Delivery Methods.
NEW QUESTION # 93 

Refer to the exhibit. Which configuration on the scan behavior must be updated to allow the attachment to be scanned on the Cisco ESA?
- A. Increase the maximum attachment size to scan to a larger value.
- B. Add an additional mapping for attachment type for zip files.
- C. Enable assume match pattern if the email was not scanned for any reason.
- D. Increase the maximum recursion depth from 5 to a larger value.
Answer: B
NEW QUESTION # 94
What is the order of virus scanning when multilayer antivirus scanning is configured?
- A. The Sophos engine scans for viruses first and the McAfee engine scans for viruses second.
- B. The McAfee engine scans for viruses first and the default engine scans for viruses second.
- C. The default engine scans for viruses first and the McAfee engine scans for viruses second.
- D. The McAfee engine scans for viruses first and the Sophos engine scans for viruses second.
Answer: D
Explanation:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa13-
0/user_guide/b_ESA_Admin_Guide_13-0.pdf P.402
NEW QUESTION # 95
When URL logging is configured on a Cisco ESA, which feature must be enabled first?
- A. antivirus
- B. senderbase reputation filter
- C. antispam
- D. virus outbreak filter
Answer: D
NEW QUESTION # 96
What are two phases of the Cisco ESA email pipeline? (Choose two.)
- A. delivery
- B. workqueue
- C. reject
- D. action
- E. quarantine
Answer: A,B
Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-1/user_guide/ b_ESA_Admin_Guide_12_1/b_ESA_Admin_Guide_12_1_chapter_011.pdf (p.1)
NEW QUESTION # 97
When outbreak filters are configured, which two actions are used to protect users from outbreaks? (Choose two.)
- A. redirect
- B. delay
- C. return
- D. drop
- E. abandon
Answer: A,B
NEW QUESTION # 98
Which two factors must be considered when message filter processing is configured? (Choose two.)
- A. mail policies
- B. lateral processing
- C. MIME structure of the message
- D. structure of the combined packet
- E. message-filter order
Answer: C,E
NEW QUESTION # 99
......
Get 100% Real Free CCNP Security 300-720 Sample Questions: https://pass4itsure.passleadervce.com/CCNP-Security/reliable-300-720-exam-learning-guide.html