Downloadable Cisco 300-720 Study Guides Online

NEW QUESTION 1
Which two statements about configuring message filters within the Cisco ESA are true? (Choose two.)

• A. The filters command executed from the CLI is used to configure the message filters.
• B. Message filters configuration within the web user interface is located within Incoming Content Filters.
• C. The filterconfig command executed from the CLI is used to configure message filters.
• D. Message filters can be configured only from the CLI.
• E. Message filters can be configured only from the web user interface.

Answer: AD

NEW QUESTION 2
When virtual gateways are configured, which two distinct attributes are allocated to each virtual gateway address? (Choose two.)

• A. domain
• B. IP address
• C. DNS server address
• D. DHCP server address
• E. external spam quarantine

Answer: AB

NEW QUESTION 3
Which process is skipped when an email is received from safedomain.com, which is on the safelist?

• A. message filter
• B. antivirus scanning
• C. outbreak filter
• D. antispam scanning

Answer: A

NEW QUESTION 4
Which action is a valid fallback when a client certificate is unavailable during SMTP authentication on Cisco ESA?

• A. LDAP Query
• B. SMTP AUTH
• C. SMTP TLS
• D. LDAP BIND

Answer: B

NEW QUESTION 5
Which two configurations are used on multiple LDAP servers to connect with Cisco ESA? (Choose two.)

• A. load balancing
• B. SLA monitor
• C. active-standby
• D. failover
• E. active-active

Answer: AD

NEW QUESTION 6
Which two certificate authority lists are available in Cisco ESA? (Choose two.)

• A. default
• B. system
• C. user
• D. custom
• E. demo

Answer: BD

NEW QUESTION 7
What are two primary components of content filters? (Choose two.)

• A. conditions
• B. subject
• C. content
• D. actions
• E. policies

Answer: AD

NEW QUESTION 8
When DKIM signing is configured, which DNS record must be updated to load the DKIM public signing key?

• A. AAAA record
• B. PTR record
• C. TXT record
• D. MX record

Answer: B

Explanation:
37 Which attack is mitigated by using Bounce Verification?
A. spoof
B. denial of service
C. eavesdropping
D. smurf

NEW QUESTION 9
What is the default behavior of any listener for TLS communication?

• A. preferred-verify
• B. off
• C. preferred
• D. required

Answer: B

NEW QUESTION 10
Which global setting is configured under Cisco ESA Scan Behavior?

• A. minimum attachment size to scan
• B. attachment scanning timeout
• C. actions for unscannable messages due to attachment type
• D. minimum depth of attachment recursion to scan

Answer: B

NEW QUESTION 11
When email authentication is configured on Cisco ESA, which two key types should be selected on the signing profile? (Choose two.)

• A. DKIM
• B. Public Keys
• C. Domain Keys
• D. Symmetric Keys
• E. Private Keys

Answer: AC

NEW QUESTION 12
What is the default port to deliver emails from the Cisco ESA to the Cisco SMA using the centralized Spam Quarantine?

• A. 8025
• B. 6443
• C. 6025
• D. 8443

Answer: C

NEW QUESTION 13
When the Spam Quarantine is configured on the Cisco ESA, what validates end-users via LDAP during login to the End-User Quarantine?

• A. Enabling the End-User Safelist/Blocklist feature
• B. Spam Quarantine External Authentication Query
• C. Spam Quarantine End-User Authentication Query
• D. Spam Quarantine Alias Consolidation Query

Answer: C

NEW QUESTION 14
Which two features of Cisco Email Security are added to a Sender Group to protect an organization against email threats? (Choose two.)

• A. NetFlow
• B. geolocation-based filtering
• C. heuristic-based filtering
• D. senderbase reputation filtering
• E. content disarm and reconstruction

Answer: CD

NEW QUESTION 15
When URL logging is configured on a Cisco ESA, which feature must be enabled first?

• A. antivirus
• B. antispam
• C. virus outbreak filter
• D. senderbase reputation filter

Answer: C

NEW QUESTION 16
What is the order of virus scanning when multilayer antivirus scanning is configured?

• A. The default engine scans for viruses first and the McAfee engine scans for viruses second.
• B. The Sophos engine scans for viruses first and the McAfee engine scans for viruses second.
• C. The McAfee engine scans for viruses first and the default engine scans for viruses second.
• D. The McAfee engine scans for viruses first and the Sophos engine scans for viruses second.

Answer: C

NEW QUESTION 17
Which suboption must be selected when LDAP is configured for Spam Quarantine End-User Authentication?

• A. Designate as the active query
• B. Update Frequency
• C. Server Priority
• D. Entity ID

Answer: A

NEW QUESTION 18
What is the default HTTPS port when configuring spam quarantine on Cisco ESA?

• A. 83
• B. 82
• C. 443
• D. 80

Answer: A

NEW QUESTION 19
Which method enables an engineer to deliver a flagged message to a specific virtual gateway address in the most flexible way?

• A. Set up the interface group with the flag.
• B. Issue the altsrchost command.
• C. Map the envelope sender address to the host.
• D. Apply a filter on the message.

Answer: B

NEW QUESTION 20
DRAG DROP
An Encryption Profile has been set up on the Cisco ESA.
Drag and drop the steps from the left for creating an outgoing content filter to encrypt emails that contains the subject "Secure:" into the correct order on the right.
Select and Place:

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 21
Which SMTP extension does Cisco ESA support for email security?

• A. ETRN
• B. UTF8SMTP
• C. PIPELINING
• D. STARTTLS

Answer: D

NEW QUESTION 22
Which two are configured in the DMARC verification profile? (Choose two.)

• A. name of the verification profile
• B. minimum number of signatures to verify
• C. ESA listeners to use the verification profile
• D. message action into an incoming or outgoing content filter
• E. message action to take when the policy is reject/quarantine

Answer: AE

NEW QUESTION 23
Which feature must be configured before an administrator can use the outbreak filter for nonviral threats?

• A. quarantine threat level
• B. antispam
• C. data loss prevention
• D. antivirus

Answer: B

NEW QUESTION 24
......