Ask Question
Cisco 300-720 Practice Test - Questions Answers, Page 2
List of questions
Question 11
Refer to the exhibit. What is the correct order of commands to set filter 2 to active?
filters-> edit-> 2-> Active
filters-> modify-> All-> Active
filters-> detail-> 2-> 1
filters-> set-> 2-> 1
Explanation:
The correct order of commands to set filter 2 to active on the CLI of Cisco ESA is:
filters, which enters the message filter mode.
set, which sets the status of one or more message filters.
2, which specifies the message filter number.
1, which sets the status of message filter 2 to active.
The other options are not valid orders of commands to set filter 2 to active on the CLI of Cisco ESA, because they use incorrect commands or parameters.
Reference: User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page A-6 and page A-7.
Question 12
A network administrator notices that there are a high number of queries to the LDAP server. The mail logs show an entry "550 Too many invalid recipients | Connection closed by foreign host." Which feature must be used to address this?
DHAP
SBRS
LDAP
SMTP
Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_011010.html DHAP (Directory Harvest Attack Prevention) is a feature that must be used to address this issue.
DHAP is a mechanism that allows Cisco ESA to prevent directory harvest attacks, which are attempts by spammers or hackers to obtain valid email addresses from an LDAP server by sending messages with random or guessed recipients and checking for bounce messages.
To enable DHAP on Cisco ESA, the network administrator can follow these steps:
Select Network > Listeners and click Edit Settings for the listener that receives incoming messages.
Under SMTP Authentication Settings, select Enable Directory Harvest Attack Prevention.
Enter a value for Maximum Invalid Recipients per Hour, which is the number of invalid recipients that triggers DHAP.
Enter a value for Block Sender for (hours), which is the duration that Cisco ESA blocks messages from senders who exceed the maximum invalid recipients per hour.
Click Submit.
Question 13
Refer to the exhibits. What must be done to enforce end user authentication before accessing quarantine?
Enable SPAM notification and use LDAP for authentication.
Enable SPAM Quarantine Notification and add the %quarantine_url% variable.
Change the end user quarantine access from None authentication to SAAS.
Change the end user quarantine access setting from None authentication to Mailbox.
Explanation:
Reference: https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118692-configure-esa-00.html#anc7
Changing the end user quarantine access setting from None authentication to Mailbox is the correct way to enforce end user authentication before accessing quarantine. This setting requires the end users to enter their email address and password in order to access their personal quarantine on the Cisco ESA.
The other options are not valid ways to enforce end user authentication before accessing quarantine, because they do not affect the end user quarantine access setting.
Reference: User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page 10-2 and page 10-3.
Question 14
An engineer is configuring a Cisco ESA for the first time and needs to ensure that any email traffic coming from the internal SMTP servers is relayed out through the Cisco ESA and is tied to the Outgoing Mail Policies.
Which Mail Flow Policy setting should be modified to accomplish this goal?
Exception List
Connection Behavior
Bounce Detection Signing
Reverse Connection Verification
Explanation:
Reference: https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118136-qanda-esa-00.html
Connection Behavior setting allows you to specify how the Cisco Email Security Appliance (ESA) handles incoming connections from different sender groups. You can choose from four different settings:
Accept: The ESA accepts all connections from the sender group and applies the mail flow policy settings to the messages.
Throttle: The ESA limits the number of concurrent connections and messages per connection from the sender group. This can help reduce the impact of spam or malicious traffic on the ESA's performance.
Reject: The ESA rejects all connections from the sender group and returns a 5xx SMTP error code to the sender. This can help block unwanted or abusive senders from reaching your network.
Test: The ESA accepts connections from the sender group but does not deliver the messages to the recipients. Instead, it logs the messages and marks them as test messages. This can help you test the mail flow policy settings before applying them to real traffic.
To modify the Connection Behavior setting for a sender group, you need to do the following steps:
On the ESA, choose Mail Policies > HAT Overview.
Click Edit Settings for the sender group that you want to modify.
In the Mail Flow Policy Settings section, choose one of the options from the Connection Behavior drop-down list.
Click Submit and commit changes.
Question 15
An organization wants to use its existing Cisco ESA to host a new domain and enforce a separate corporate policy for that domain.
What should be done on the Cisco ESA to achieve this?
Use the smtproutes command to configure a SMTP route for the new domain.
Use the deli very config command to configure mail delivery for the new domain.
Use the dsestconf command to add a separate destination for the new domain.
Use the altrchost command to add a separate gateway for the new domain.
Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_011001.html one of the steps to accept mail for additional internal domains on the Cisco ESA is to choose Network > SMTP Routes and enter the new domain and the corresponding destination host IP address1. This can also be done using the smtproutes command in the CLI1. The other commands (deliveryconfig, dsestconf, and altrchost) are not related to this task.
Question 16
An engineer is configuring an SMTP authentication profile on a Cisco ESA which requires certificate verification.
Which section must be configured to accomplish this goal?
Mail Flow Policies
Sending Profiles
Outgoing Mail Policies
Verification Profiles
Question 17
Which SMTP extension does Cisco ESA support for email security?
ETRN
UTF8SMTP
PIPELINING
STARTTLS
Explanation:
STARTTLS is an SMTP extension that allows email servers to negotiate a secure connection using TLS or SSL encryption. Cisco ESA supports STARTTLS for both inbound and outbound email delivery.
Reference: User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page 5-2.
Reference: https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_011000.html
Question 18
Which feature utilizes sensor information obtained from Talos intelligence to filter email servers connecting into the Cisco ESA?
SenderBase Reputation Filtering
Connection Reputation Filtering
Talos Reputation Filtering
SpamCop Reputation Filtering
Explanation:
SenderBase Reputation Filtering is a feature that allows Cisco ESA to reject or throttle connections from email servers based on their reputation score, which is calculated by Talos using sensor information from various sources.
Reference: User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page 6-2.
Question 19
When the Spam Quarantine is configured on the Cisco ESA, what validates end-users via LDAP during login to the End-User Quarantine?
Enabling the End-User Safelist/Blocklist feature
Spam Quarantine External Authentication Query
Spam Quarantine End-User Authentication Query
Spam Quarantine Alias Consolidation Query
Explanation:
Spam Quarantine End-User Authentication Query is a query that Cisco ESA performs against an LDAP server to validate the end-user credentials during login to the End-User Quarantine.
Reference: User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page 10-9.
Reference: https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118692-configure- esa-00.html
Question 20
Which benefit does enabling external spam quarantine on Cisco SMA provide?
ability to back up spam quarantine from multiple Cisco ESAs to one central console
access to the spam quarantine interface on which a user can release, duplicate, or delete
ability to scan messages by using two engines to increase a catch rate
ability to consolidate spam quarantine data from multiple Cisco ESA to one central console
Explanation:
External spam quarantine is a feature that allows Cisco SMA to store and manage spam messages quarantined by multiple Cisco ESAs in one central location, providing a unified view and administration of the spam quarantine data.
Reference: User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page 10-3.
Reference: https://www.cisco.com/c/en/us/td/docs/security/security_management/sma/sma11-0/user_guide/ b_SMA_Admin_Guide/b_SMA_Admin_Guide_chapter_010101.html
Related questions
Export
If you didn't receive an email within 5 minutes, you should submit a support request to [email protected].
|
BASIC - 1 Month
$
10
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
PLUS - 2 Months
$
15
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
PRO - 6 Months
$
40
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
|
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
Full latest questions
No CAPTCHA
New Updates
Export to VPLUS
Export to PDF - All questions
Team support
.png)
Question