Ask Question
300-720: Securing Email with Cisco Email Security Appliance
Cisco
Exam Questions:
148
.png)
2.370 Learners
The Cisco 300-720 SESA exam is essential for professionals looking to specialize in email security. Discover the ultimate resource for 300-720 practice tests, curated from the experiences of those who have successfully passed the exam. These practice tests provide realistic scenarios and valuable insights to enhance your exam preparation.
Why Use 300-720 Practice Test?
-
Real Exam Experience: Our practice test accurately replicates the format and difficulty of the actual Cisco 300-720 exam, providing you with a realistic preparation experience.
-
Identify Knowledge Gaps: Practicing with these tests helps you identify areas where you need more study, allowing you to focus your efforts effectively.
-
Boost Confidence: Regular practice with exam-like questions builds your confidence and reduces test anxiety.
-
Track Your Progress: Monitor your performance over time to see your improvement and adjust your study plan accordingly.
Key Features of 300-720 Practice Test:
-
Up-to-Date Content: Our community ensures that the questions are regularly updated to reflect the latest exam objectives and technology trends.
-
Detailed Explanations: Each question comes with detailed explanations, helping you understand the correct answers and learn from any mistakes.
-
Comprehensive Coverage: The practice test covers all key topics of the Cisco 300-720 exam, including email content security, email encryption, and Cisco Email Security Appliance (ESA) configuration and deployment.
-
Customizable Practice: Create your own practice sessions based on specific topics or difficulty levels to tailor your study experience to your needs.
Exam number: 300-720
Exam name: Securing Email with Cisco Email Security Appliance (SESA 300-720)
Length of test: 90 minutes
Exam format: Multiple-choice, drag-and-drop, fill-in-the-blank, testlet, simlet, and simulation questions
Exam language: English
Number of questions in the actual exam: 55-65 questions
Passing score: Varies, typically around 750-850 out of 1000
Use the member-shared Cisco 300-720 Practice Test to ensure you’re fully prepared for your certification exam. Start practicing today and take a significant step towards achieving your certification goals!
Related questions
A Cisco ESA administrator has noticed that new messages being sent to the Centralized Policy
Quarantine are being released after one hour. Previously, they were being held for a day before being released.
What was configured that caused this to occur?
The retention period was changed to one hour.
The threshold settings were set to override the clock settings.
The retention period was set to default.
The threshold settings were set to default.
Explanation:
You can configure Policy, Virus, and Outbreak Quarantines in any one of the following ways:
Choose Quarantine > Other Quarantine > View > +.
Choose Monitor > Policy, Virus, and Outbreak Quarantines and do one of the following.
Click Add Policy Quarantine.
Keep the following in mind, changing the retention time of the File Analysis quarantine from the default of one hour is not recommended.
https://www.cisco.com/c/en/us/td/docs/security/esa/esa14-0/user_guide/b_ESA_Admin_Guide_14-0/b_ESA_Admin_Guide_12_1_chapter_011111.html?bookSearch=true
An administrator is managing multiple Cisco ESA devices and wants to view the quarantine emails from all devices in a central location.
How is this accomplished?
Disable the VOF feature before sending SPAM to the external quarantine.
Configure a mail policy to determine whether the message is sent to the local or external quarantine.
Disable the local quarantine before sending SPAM to the external quarantine.
Configure a user policy to determine whether the message is sent to the local or external quarantine.
Explanation:
Disabling the Local Spam Quarantine to Activate the External Quarantine If you were using a local spam quarantine before enabling an external spam quarantine, you must disable the local quarantine in order to send messages to the external quarantine.
https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_chapter_0101010.html?bookSearch=true#con_1172419
The CEO added a sender to a safelist but does not receive an important message expected from the trusted sender. An engineer evaluates message tracking on the Cisco Secure Email Gateway appliance and determines that the message was dropped by the antivirus engine. What is the reason for this behavior?
Unlock Premium Member
A Cisco ESA administrator has several mail policies configured. While testing policy match using a specific sender, the email was not matching the expected policy.
What is the reason of this?
The Tram* header is checked against all policies in a top-down fashion.
The message header with the highest priority is checked against each policy in a top-down fashion.
The To" header is checked against all policies in a top-down fashion.
The message header with the highest priority is checked against the Default policy in a top-down fashion.
Explanation:
The envelope sender and the envelope recipeint have a higher priority over the sender header when you match a message to a mail policy. If you configure a mail policy to match a specific user, the messages are automatically classified into the mail policy based on the envelope sender and the envelope recipient. https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_chapter_01001.html
An engineer is testing mail flow on a new Cisco ESA and notices that messages for domain abc.com are stuck in the delivery queue. Upon further investigation, the engineer notices that the messages pending delivery are destined for 192.168.1.11, when they should instead be routed to 192.168.1.10.
What configuration change needed to address this issue?
Add an address list for domain abc.com.
Modify Destination Controls entry for the domain abc.com.
Modify the SMTP route for the domain and change the IP address to 192.168.1.10.
Modify the Routing Tables and add a route for IP address to 192.168.1.10.
Explanation:
Reference: https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118136-qanda-esa-00.html
You can use the SMTP route feature on Cisco ESA to specify how messages for a specific domain are routed to their destination. You can modify the SMTP route for the domain abc.com and change the IP address to 192.168.1.10 to ensure that messages are delivered correctly3. Reference = Securing Email with Cisco Email Security Appliance (SESA) v3.1
Which type of query must be configured when setting up the Spam Quarantine while merging notifications?
Spam Quarantine Alias Routing Query
Spam Quarantine Alias Consolidation Query
Spam Quarantine Alias Authentication Query
Spam Quarantine Alias Masquerading Query
Explanation:
Spam Quarantine Alias Consolidation Query is a type of query that must be configured when setting up the Spam Quarantine while merging notifications on Cisco ESA. This query allows Cisco ESA to consolidate multiple email addresses that belong to the same end user into one entry in the Spam
Quarantine, and send only one notification email to that end user with all the quarantined messages for all their email addresses.
Reference: User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page 10-10.
A network engineer must tighten up the SPAM control policy of an organization due to a recent SPAM attack. In which scenario does enabling regional scanning improve security for this organization?
An administrator identifies that, over the past week, the Cisco ESA is receiving many emails from certain senders and domains which are being consistently quarantined. The administrator wants to ensure that these senders and domain are unable to send anymore emails.
Which feature on Cisco ESA should be used to achieve this?
incoming mail policies
safelist
blocklist
S/MIME Sending Profile
Explanation:
The appliance enforces your organization's policies for messages sent to and from your users through the use of mail policies. These are sets of rules that specify the types of suspect, sensitive, or malicious content that your organization may not want entering or leaving your network. This content may include:
-spam
-legitimate marketing messages
-graymail
-viruses
-phishing and other targeted mail attacks
-confidential corporate data
-personally identifiable information
https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_chapter_01001.html?bookSearch=true
A list of company executives is routinely being spoofed, which puts the company at risk of malicious email attacks An administrator must ensure that executive messages are originating from legitimate sending addresses Which two steps must be taken to accomplish this task? (Choose two.)
Which component must be added to the content filter to trigger on failed SPF Verification or DKIM Authentication verdicts?
status
response
parameter
condition
Explanation:
Condition is a component that must be added to the content filter to trigger on failed SPF Verification or DKIM Authentication verdicts. Condition is a criterion that determines whether a message matches a content filter rule or not, such as message size, sender address, attachment type, etc.
To add a condition to the content filter that triggers on failed SPF Verification or DKIM Authentication verdicts, the administrator can follow these steps:
Select Mail Policies > Content Filters and click Add Filter.
Enter a name and description for the content filter.
Under Conditions, click Add Condition.
Choose SPF Verification or DKIM Authentication from the drop-down menu.
Choose Fail from the drop-down menu.
Click Submit.
The other options are not valid components to trigger on failed SPF Verification or DKIM Authentication verdicts, because they are not part of content filters.
Reference: [User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway], page 8-3 and page 8-4.
Question