ExamGecko
Search Search Login
Home Home / Cisco / 300-720

Cisco 300-720 Practice Test - Questions Answers, Page 12

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which type of query must be configured when setting up the Spam Quarantine while merging notifications?
A list of company executives is routinely being spoofed, which puts the company at risk of malicious email attacks An administrator must ensure that executive messages are originating from legitimate sending addresses Which two steps must be taken to accomplish this task? (Choose two.)
A Cisco ESA administrator has noticed that new messages being sent to the Centralized Policy Quarantine are being released after one hour. Previously, they were being held for a day before being released. What was configured that caused this to occur?
An engineer is testing mail flow on a new Cisco ESA and notices that messages for domain abc.com are stuck in the delivery queue. Upon further investigation, the engineer notices that the messages pending delivery are destined for 192.168.1.11, when they should instead be routed to 192.168.1.10. What configuration change needed to address this issue?
A network engineer must tighten up the SPAM control policy of an organization due to a recent SPAM attack. In which scenario does enabling regional scanning improve security for this organization?
An administrator is managing multiple Cisco ESA devices and wants to view the quarantine emails from all devices in a central location. How is this accomplished?
Which two query types are available when an LDAP profile is configured? (Choose two.)
What is the order of virus scanning when multilayer antivirus scanning is configured?
An organization wants to use its existing Cisco ESA to host a new domain and enforce a separate corporate policy for that domain. What should be done on the Cisco ESA to achieve this?
Which component must be added to the content filter to trigger on failed SPF Verification or DKIM Authentication verdicts?

Question 111

Report
Export
Collapse

Refer to the exhibit.

Which configuration allows the Cisco Secure Email Gateway to scan for executables inside the archive file and apply the action as per the content filter?

A.

Configure the recursion depth to a higher value.

A.

Configure the recursion depth to a higher value.

Answers
B.

Modify the content filter to look for attachment filetype of compressed.

B.

Modify the content filter to look for attachment filetype of compressed.

Answers
C.

Configure the maximum attachment size to a higher value.

C.

Configure the maximum attachment size to a higher value.

Answers
D.

Modify the content filter to look for exe filename instead of executable filetype.

D.

Modify the content filter to look for exe filename instead of executable filetype.

Answers
Suggested answer: A

Explanation:

The recursion depth is the number of levels that the Cisco Secure Email Gateway will scan inside an archive file for executables and other file types. If the recursion depth is too low, some executables may not be detected and scanned by the content filter. To allow the appliance to scan for executables inside the archive file and apply the action as per the content filter, you need to configure the recursion depth to a higher value1. Reference = User Guide for AsyncOS 12.0 for Cisco Email Security

Appliances - GD (General Deployment) - Configuring File Reputation Filtering and File Analysis [Cisco Secure Email Gateway] - Cisco

Question 112

Report
Export
Collapse

Spammers routinely try to send emails with the recipient field filled with a list of all possible combinations of letters and numbers. These combinations, appended with a company domain name are malicious attempts at learning all possible valid email addresses. Which action must be taken on a Cisco Secure Email Gateway to prevent this from occurring?

A.

Select the SMTP Authentication Query checkbox

A.

Select the SMTP Authentication Query checkbox

Answers
B.

Perform LDAP acceptance validation.

B.

Perform LDAP acceptance validation.

Answers
C.

Quarantine external authentication queries.

C.

Quarantine external authentication queries.

Answers
D.

Enable end user safelist features

D.

Enable end user safelist features

Answers
Suggested answer: B

Explanation:

LDAP acceptance validation is a feature that allows the Cisco Secure Email Gateway to check if the recipient address of an incoming message exists in an LDAP directory before accepting it. This feature can help prevent spammers from sending emails with invalid recipient addresses and reduce the load on the appliance2. Reference = User Guide for AsyncOS 12.0 for Cisco Email Security Appliances - GD (General Deployment) - Configuring LDAP Queries [Cisco Secure Email Gateway] - Cisco

Question 113

Report
Export
Collapse

A Cisco Secure Email Gateway appliance is processing many messages that are sent to invalid recipients verification. Which two steps are required to accomplish this task? (Choose two.)

A.

Enable external LDAP authentication

A.

Enable external LDAP authentication

Answers
B.

Configure the LDAP query on a listener

B.

Configure the LDAP query on a listener

Answers
C.

Configure LDAP server profiles

C.

Configure LDAP server profiles

Answers
D.

Enable LDAP authentication on a listener

D.

Enable LDAP authentication on a listener

Answers
E.

Configure incoming mail policy to query LDAP server

E.

Configure incoming mail policy to query LDAP server

Answers
Suggested answer: B, C

Explanation:

To enable LDAP recipient verification on a Cisco Secure Email Gateway appliance, you need to configure the LDAP query on a listener and configure LDAP server profiles. The LDAP query specifies the criteria for matching recipient addresses against an LDAP directory. The LDAP server profile defines the connection settings and authentication credentials for accessing an LDAP server2.

Reference = User Guide for AsyncOS 12.0 for Cisco Email Security Appliances - GD (General Deployment) - Configuring LDAP Queries [Cisco Secure Email Gateway] - Cisco

Question 114

Report
Export
Collapse

An administrator manipulated the subnet mask but was still unable to access the user interface. How must the administrator access the Cisco Secure Email Gateway appliance to perform the initial configuration?

A.

Use the serial or console port

A.

Use the serial or console port

Answers
B.

Use the management port

B.

Use the management port

Answers
C.

Use the data 2 port

C.

Use the data 2 port

Answers
D.

Use the data 1 port

D.

Use the data 1 port

Answers
Suggested answer: A

Explanation:

If you are unable to access the user interface of the Cisco Secure Email Gateway appliance after manipulating the subnet mask, you can use the serial or console port to perform the initial configuration. The serial or console port provides a command-line interface that allows you to configure basic network settings such as IP address, subnet mask, gateway, and hostname3.

Reference = User Guide for AsyncOS 12.0 for Cisco Email Security Appliances - GD (General Deployment) - Configuring Network Settings [Cisco Secure Email Gateway] - Cisco

Question 115

Report
Export
Collapse

The CEO added a sender to a safelist but does not receive an important message expected from the trusted sender. An engineer evaluates message tracking on the Cisco Secure Email Gateway appliance and determines that the message was dropped by the antivirus engine. What is the reason for this behavior?

A.

The sender is included in an ISP blocklist

A.

The sender is included in an ISP blocklist

Answers
B.

Administrative access is required to create a safelist.

B.

Administrative access is required to create a safelist.

Answers
C.

The sender didn't mark the message as urgent

C.

The sender didn't mark the message as urgent

Answers
D.

End-user safelists apply to antispam engines only.

D.

End-user safelists apply to antispam engines only.

Answers
Suggested answer: D

Explanation:

The reason why the CEO did not receive an important message expected from a trusted sender after adding them to a safelist is because end-user safelists apply to antispam engines only. End-user safelists are lists of sender addresses or domains that end users can create and manage through their quarantine accounts or email clients. End-user safelists allow end users to accept or exempt messages from certain senders or domains from being identified as spam by the antispam engines.

However, end-user safelists do not affect other filtering engines such as antivirus, outbreak filters, or content filters. Reference = User Guide for AsyncOS 12.0 for Cisco Email Security Appliances - GD (General Deployment) - Safelists and Blocklists [Cisco Secure Email Gateway] - Cisco

Question 116

Report
Export
Collapse

A company has recently updated their security policy and now wants to drop all email messages larger than 100 MB coming from external sources. The Cisco Secure Email Gateway is LDAP integrated and all employee accounts are in the group "Employees". Which filter rule configuration provides the desired outcome?

A.

if (mail-from-group == 'Employees') and (body-size > "100M") {drop()}

A.

if (mail-from-group == 'Employees') and (body-size > "100M") {drop()}

Answers
B.

if (mail-from-group != 'Employees') and (body-size > 100M) {drop();}

B.

if (mail-from-group != 'Employees') and (body-size > 100M) {drop();}

Answers
C.

if (mail-from-group == 'Employees') and (body-size > 100M) {bounce();}

C.

if (mail-from-group == 'Employees') and (body-size > 100M) {bounce();}

Answers
D.

if ('mail-from-group != Employees') and (body-size > 100M) {drop();}

D.

if ('mail-from-group != Employees') and (body-size > 100M) {drop();}

Answers
Suggested answer: A

Question 117

Report
Export
Collapse

The CEO sent an email indicating that all emails containing a string of 123ABCDEFGHJ cannot be delivered and must be sent into quarantine for further inspection. Given the requirement, which regular expression should be used to match on that criteria?

A.

\\D{3}[A-Z]{9}

A.

\\D{3}[A-Z]{9}

Answers
B.

\d{3}[A-Z]{9}

B.

\d{3}[A-Z]{9}

Answers
C.

\W{3}[A-Z]{9}

C.

\W{3}[A-Z]{9}

Answers
D.

{3}\d{9}[A-Z]

D.

{3}\d{9}[A-Z]

Answers
Suggested answer: B

Explanation:

A regular expression is a sequence of characters that defines a search pattern for text. To match a string of 123ABCDEFGHJ, you need to use the following regular expression: \d{3}[A-Z]{9}. This expression means that the string must start with three digits (\d{3}), followed by nine uppercase letters ([A-Z]{9}). This expression will match any string that has the same format as 123ABCDEFGHJ.

Reference = User Guide for AsyncOS 12.0 for Cisco Email Security Appliances - GD (General Deployment) - Regular Expressions [Cisco Secure Email Gateway] - Cisco

Question 118

Report
Export
Collapse

A Cisco Secure Email Gateway administrator must provide outbound email authenticity and configures a DKIM signing profile to handle this task. What is the next step to allow this organization to use DKIM for their outbound email?

A.

Enable the DKIM service checker

A.

Enable the DKIM service checker

Answers
B.

Export the DNS TXT record to provide to the DNS registrar

B.

Export the DNS TXT record to provide to the DNS registrar

Answers
C.

Import the DNS record of the service provider into the Cisco Secure Email Gateway.

C.

Import the DNS record of the service provider into the Cisco Secure Email Gateway.

Answers
D.

Configure the Trusted Sender Group message authenticity policy.

D.

Configure the Trusted Sender Group message authenticity policy.

Answers
Suggested answer: B

Explanation:

To use DKIM for outbound email, the administrator must export the DNS TXT record from the Cisco

Secure Email Gateway and provide it to the DNS registrar of the domain. This will allow the recipient servers to verify the DKIM signature of the email by querying the DNS record of the sender domain. Reference: [Cisco Secure Email Gateway Administrator Guide - Configuring DKIM Signing]

Question 119

Report
Export
Collapse

Which functionality is impacted if the assigned certificate under one of the IP interfaces is modified?

A.

traffic between the Cisco Secure Email Gateway and the LDAP server

A.

traffic between the Cisco Secure Email Gateway and the LDAP server

Answers
B.

emails being delivered from the Cisco Secure Email Gateway

B.

emails being delivered from the Cisco Secure Email Gateway

Answers
C.

HTTPS traffic when connecting to the web user interface of the Cisco Secure Email Gateway

C.

HTTPS traffic when connecting to the web user interface of the Cisco Secure Email Gateway

Answers
D.

emails being received by the Cisco Secure Email Gateway

D.

emails being received by the Cisco Secure Email Gateway

Answers
Suggested answer: C

Explanation:

If the assigned certificate under one of the IP interfaces is modified, then the HTTPS traffic when connecting to the web user interface of the Cisco Secure Email Gateway will be impacted. The administrator must ensure that the certificate is valid and trusted by the browser or client that is used to access the web user interface. Otherwise, the connection may fail or generate a warning message. Reference: [Cisco Secure Email Gateway Administrator Guide - Configuring Certificates]

Question 120

Report
Export
Collapse

A trusted partner of an organization recently experienced a new campaign that was leveraging JavaScript attachments to trick users into executing malware. As a result, they created a local policy to deny messages with JavaScript attachments. Which action should the administrator of the organization take to ensure encrypted communications are delivered to the intended partner recipient?

A.

Insert the X-PostX-Use-Script' header with a value of false to the encrypted messages

A.

Insert the X-PostX-Use-Script' header with a value of false to the encrypted messages

Answers
B.

Select JavaScript-free' option within the Cisco Secure Email Encryption Service Add-in

B.

Select JavaScript-free' option within the Cisco Secure Email Encryption Service Add-in

Answers
C.

Create an outgoing content filter and add the Encrypt and Deliver Nov/ action with Use-Script option deselected

C.

Create an outgoing content filter and add the Encrypt and Deliver Nov/ action with Use-Script option deselected

Answers
D.

Create a new encryption profile and deselect the 'Use-Script' envelope settings option.

D.

Create a new encryption profile and deselect the 'Use-Script' envelope settings option.

Answers
Suggested answer: D

Explanation:

According to the User Guide for Cisco Secure Email Encryption Service Add-In 1, the 'Use-Script' option allows you to use JavaScript in the encrypted message envelope. This option is enabled by default, but you can disable it if you want to send encrypted messages to recipients who have security policies that block JavaScript attachments[2, p. 14].

The other options are not valid because:

A. Inserting the X-PostX-Use-Script header with a value of false to the encrypted messages is not a supported feature of the Cisco Secure Email Encryption Service Add-in1.

B. Selecting JavaScript-free option within the Cisco Secure Email Encryption Service Add-in is not a valid option. The add-in does not have such an option1.

C. Creating an outgoing content filter and adding the Encrypt and Deliver Nov/ action with Use-Script option deselected is not possible. The Encrypt and Deliver Nov/ action does not have a Use-Script option[2, p. 13].

Total 148 questions
Go to page: of 15
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms