Cisco 300-720 Practice Test - Questions Answers, Page 14

Public/Private keypair. A public/private keypair is a pair of cryptographic keys that are used to generate and verify digital signatures. The private key is used to sign the email message, while the public key is used to verify the signature. The public key is published in a DNS record, while the private key is stored on the Cisco Secure Email Gateway appliance[1, p. 2].

Domain signing profile. A domain signing profile is a configuration that specifies the domain and selector to use for signing outgoing messages, as well as the signing algorithm, canonicalization method, and header fields to include in the signature. You can create multiple domain signing profiles for different domains or subdomains[1, p. 3].

The other options are not valid because:

A. DMARC verification profile is not a component for utilizing a digital signature in outgoing emails. It is a component for verifying the authenticity of incoming emails based on SPF and DKIM results[2, p. 1].

B. SPF record is not a component for utilizing a digital signature in outgoing emails. It is a component for validating the sender IP address of incoming emails based on a list of authorized IP addresses published in a DNS record[3, p. 1].

E. PKI certificate is not a component for utilizing a digital signature in outgoing emails. It is a component for encrypting and decrypting email messages based on a certificate authority that issues and validates certificates[4, p. 1].

According to the [Cisco Secure Email User Guide], graymail is a category of email messages that are not spam but may be unwanted by some recipients, such as newsletters, promotions, or social media updates[5, p. 25]. Marketing is one of the subcategories of graymail that includes messages that advertise products or services[5, p. 26].

The other options are not valid because:

A. Malicious is not a category for classifying graymail. It is a category for classifying email messages that contain malicious content such as malware, phishing, or fraud[5, p. 25].

C. Spam is not a category for classifying graymail. It is a category for classifying email messages that are unsolicited, unwanted, or harmful[5, p. 25].

D. Priority is not a category for classifying graymail. It is a category for classifying email messages that are important, urgent, or relevant[5, p. 25].

To protect against Directory Harvest Attacks, the administrator must configure Directory Harvest

Attack Prevention in the mail flow policy that applies to the listener. This will enable the Cisco Secure

Email Gateway to reject or throttle messages that are sent to invalid recipients by checking the LDAP server for valid email addresses. Reference: [Cisco Secure Email Gateway Administrator Guide -Configuring Directory Harvest Attack Prevention]

To use the centralized spam quarantine on the Cisco Secure Email and Web Manager appliance, the administrator must disable the local spam quarantine on the Cisco Secure Email Gateway appliances.

This will prevent messages from being stored in both quarantines and avoid confusion for end users and administrators. Reference: [Cisco Secure Email and Web Manager User Guide - Configuring Centralized Spam Quarantine]

To meet the security policy of allowing visibility into what the URL is but not allowing the user to click it, the administrator must defang the URL. This means that the URL will be modified in a way that it is still readable by humans but not clickable by browsers. For example, http://example.com could be defanged as hxxp://example[.]com. Reference: [Cisco Secure Email Gateway Administrator Guide -Defanging URLs in Messages]

To encrypt SMTP with TLS on a Cisco Secure Email Gateway appliance when the sender requires TLS verification, the components that are required are an X.509 certificate and matching private key from a CA. The certificate must be signed by a trusted CA and contain the domain name or IP address of the listener in the Subject or Subject Alternative Name fields. The private key must be unencrypted and match the certificate. Reference: [Cisco Secure Email Gateway Administrator Guide - Configuring TLS]

The content filter condition that checks to see if the "From: header" in the message is similar to any of the users in the content dictionary is Forged Email Detection. This condition compares the sender's name or email address with a list of names or email addresses in a content dictionary and triggers an action if they match or are similar. Reference: [Cisco Secure Email Gateway Administrator Guide - Forged Email Detection]

Define an LDAP group query to specify users to whom the mail policy rules apply. This way, you can create a custom group of executive users and apply different mail policies to them based on their LDAP attributes[4, p. 2].

Create content filters for actions to take on messages that contain specific data. Content filters allow you to scan the message body and attachments for keywords, phrases, or patterns that match your criteria and perform actions such as quarantine, encrypt, or drop the message[4, p. 7].

The other options are not valid because:

C. Uploading a csv file containing the email addresses for the users for whom you want to create mail policies is not a supported feature of Cisco Secure Email1.

D. Enabling the content-scanning features you want to use with mail policies is not necessary, as content scanning is enabled by default for all incoming and outgoing messages[4, p. 6].

E. Defining the default mail policies for incoming or outgoing messages is not sufficient, as default mail policies apply to all users and do not allow for differentiation based on user groups[4, p. 2].