ExamGecko
Search Search Login
Home Home / Cisco / 300-720

Cisco 300-720 Practice Test - Questions Answers, Page 2

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which type of query must be configured when setting up the Spam Quarantine while merging notifications?
A list of company executives is routinely being spoofed, which puts the company at risk of malicious email attacks An administrator must ensure that executive messages are originating from legitimate sending addresses Which two steps must be taken to accomplish this task? (Choose two.)
A network engineer must tighten up the SPAM control policy of an organization due to a recent SPAM attack. In which scenario does enabling regional scanning improve security for this organization?
An engineer is testing mail flow on a new Cisco ESA and notices that messages for domain abc.com are stuck in the delivery queue. Upon further investigation, the engineer notices that the messages pending delivery are destined for 192.168.1.11, when they should instead be routed to 192.168.1.10. What configuration change needed to address this issue?
An administrator is managing multiple Cisco ESA devices and wants to view the quarantine emails from all devices in a central location. How is this accomplished?
Which two query types are available when an LDAP profile is configured? (Choose two.)
A Cisco ESA administrator has noticed that new messages being sent to the Centralized Policy Quarantine are being released after one hour. Previously, they were being held for a day before being released. What was configured that caused this to occur?
Which component must be added to the content filter to trigger on failed SPF Verification or DKIM Authentication verdicts?
What is the order of virus scanning when multilayer antivirus scanning is configured?
An organization wants to use its existing Cisco ESA to host a new domain and enforce a separate corporate policy for that domain. What should be done on the Cisco ESA to achieve this?

Question 11

Report
Export
Collapse

Refer to the exhibit. What is the correct order of commands to set filter 2 to active?

A.

filters-> edit-> 2-> Active

A.

filters-> edit-> 2-> Active

Answers
B.

filters-> modify-> All-> Active

B.

filters-> modify-> All-> Active

Answers
C.

filters-> detail-> 2-> 1

C.

filters-> detail-> 2-> 1

Answers
D.

filters-> set-> 2-> 1

D.

filters-> set-> 2-> 1

Answers
Suggested answer: D

Explanation:

The correct order of commands to set filter 2 to active on the CLI of Cisco ESA is:

filters, which enters the message filter mode.

set, which sets the status of one or more message filters.

2, which specifies the message filter number.

1, which sets the status of message filter 2 to active.

The other options are not valid orders of commands to set filter 2 to active on the CLI of Cisco ESA, because they use incorrect commands or parameters.

Reference: User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page A-6 and page A-7.

Question 12

Report
Export
Collapse

A network administrator notices that there are a high number of queries to the LDAP server. The mail logs show an entry "550 Too many invalid recipients | Connection closed by foreign host." Which feature must be used to address this?

A.

DHAP

A.

DHAP

Answers
B.

SBRS

B.

SBRS

Answers
C.

LDAP

C.

LDAP

Answers
D.

SMTP

D.

SMTP

Answers
Suggested answer: A

Explanation:

Reference:

https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_011010.html DHAP (Directory Harvest Attack Prevention) is a feature that must be used to address this issue.

DHAP is a mechanism that allows Cisco ESA to prevent directory harvest attacks, which are attempts by spammers or hackers to obtain valid email addresses from an LDAP server by sending messages with random or guessed recipients and checking for bounce messages.

To enable DHAP on Cisco ESA, the network administrator can follow these steps:

Select Network > Listeners and click Edit Settings for the listener that receives incoming messages.

Under SMTP Authentication Settings, select Enable Directory Harvest Attack Prevention.

Enter a value for Maximum Invalid Recipients per Hour, which is the number of invalid recipients that triggers DHAP.

Enter a value for Block Sender for (hours), which is the duration that Cisco ESA blocks messages from senders who exceed the maximum invalid recipients per hour.

Click Submit.

Question 13

Report
Export
Collapse

Refer to the exhibits. What must be done to enforce end user authentication before accessing quarantine?

A.

Enable SPAM notification and use LDAP for authentication.

A.

Enable SPAM notification and use LDAP for authentication.

Answers
B.

Enable SPAM Quarantine Notification and add the %quarantine_url% variable.

B.

Enable SPAM Quarantine Notification and add the %quarantine_url% variable.

Answers
C.

Change the end user quarantine access from None authentication to SAAS.

C.

Change the end user quarantine access from None authentication to SAAS.

Answers
D.

Change the end user quarantine access setting from None authentication to Mailbox.

D.

Change the end user quarantine access setting from None authentication to Mailbox.

Answers
Suggested answer: D

Explanation:

Reference: https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118692-configure-esa-00.html#anc7

Changing the end user quarantine access setting from None authentication to Mailbox is the correct way to enforce end user authentication before accessing quarantine. This setting requires the end users to enter their email address and password in order to access their personal quarantine on the Cisco ESA.

The other options are not valid ways to enforce end user authentication before accessing quarantine, because they do not affect the end user quarantine access setting.

Reference: User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page 10-2 and page 10-3.

Question 14

Report
Export
Collapse

An engineer is configuring a Cisco ESA for the first time and needs to ensure that any email traffic coming from the internal SMTP servers is relayed out through the Cisco ESA and is tied to the Outgoing Mail Policies.

Which Mail Flow Policy setting should be modified to accomplish this goal?

A.

Exception List

A.

Exception List

Answers
B.

Connection Behavior

B.

Connection Behavior

Answers
C.

Bounce Detection Signing

C.

Bounce Detection Signing

Answers
D.

Reverse Connection Verification

D.

Reverse Connection Verification

Answers
Suggested answer: B

Explanation:

Reference: https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118136-qanda-esa-00.html

Connection Behavior setting allows you to specify how the Cisco Email Security Appliance (ESA) handles incoming connections from different sender groups. You can choose from four different settings:

Accept: The ESA accepts all connections from the sender group and applies the mail flow policy settings to the messages.

Throttle: The ESA limits the number of concurrent connections and messages per connection from the sender group. This can help reduce the impact of spam or malicious traffic on the ESA's performance.

Reject: The ESA rejects all connections from the sender group and returns a 5xx SMTP error code to the sender. This can help block unwanted or abusive senders from reaching your network.

Test: The ESA accepts connections from the sender group but does not deliver the messages to the recipients. Instead, it logs the messages and marks them as test messages. This can help you test the mail flow policy settings before applying them to real traffic.

To modify the Connection Behavior setting for a sender group, you need to do the following steps:

On the ESA, choose Mail Policies > HAT Overview.

Click Edit Settings for the sender group that you want to modify.

In the Mail Flow Policy Settings section, choose one of the options from the Connection Behavior drop-down list.

Click Submit and commit changes.

Question 15

Report
Export
Collapse

An organization wants to use its existing Cisco ESA to host a new domain and enforce a separate corporate policy for that domain.

What should be done on the Cisco ESA to achieve this?

A.

Use the smtproutes command to configure a SMTP route for the new domain.

A.

Use the smtproutes command to configure a SMTP route for the new domain.

Answers
B.

Use the deli very config command to configure mail delivery for the new domain.

B.

Use the deli very config command to configure mail delivery for the new domain.

Answers
C.

Use the dsestconf command to add a separate destination for the new domain.

C.

Use the dsestconf command to add a separate destination for the new domain.

Answers
D.

Use the altrchost command to add a separate gateway for the new domain.

D.

Use the altrchost command to add a separate gateway for the new domain.

Answers
Suggested answer: A

Explanation:

Reference:

https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_011001.html one of the steps to accept mail for additional internal domains on the Cisco ESA is to choose Network > SMTP Routes and enter the new domain and the corresponding destination host IP address1. This can also be done using the smtproutes command in the CLI1. The other commands (deliveryconfig, dsestconf, and altrchost) are not related to this task.

Question 16

Report
Export
Collapse

An engineer is configuring an SMTP authentication profile on a Cisco ESA which requires certificate verification.

Which section must be configured to accomplish this goal?

A.

Mail Flow Policies

A.

Mail Flow Policies

Answers
B.

Sending Profiles

B.

Sending Profiles

Answers
C.

Outgoing Mail Policies

C.

Outgoing Mail Policies

Answers
D.

Verification Profiles

D.

Verification Profiles

Answers
Suggested answer: A

Question 17

Report
Export
Collapse

Which SMTP extension does Cisco ESA support for email security?

A.

ETRN

A.

ETRN

Answers
B.

UTF8SMTP

B.

UTF8SMTP

Answers
C.

PIPELINING

C.

PIPELINING

Answers
D.

STARTTLS

D.

STARTTLS

Answers
Suggested answer: D

Explanation:

STARTTLS is an SMTP extension that allows email servers to negotiate a secure connection using TLS or SSL encryption. Cisco ESA supports STARTTLS for both inbound and outbound email delivery.

Reference: User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page 5-2.

Reference: https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_011000.html

Question 18

Report
Export
Collapse

Which feature utilizes sensor information obtained from Talos intelligence to filter email servers connecting into the Cisco ESA?

A.

SenderBase Reputation Filtering

A.

SenderBase Reputation Filtering

Answers
B.

Connection Reputation Filtering

B.

Connection Reputation Filtering

Answers
C.

Talos Reputation Filtering

C.

Talos Reputation Filtering

Answers
D.

SpamCop Reputation Filtering

D.

SpamCop Reputation Filtering

Answers
Suggested answer: A

Explanation:

SenderBase Reputation Filtering is a feature that allows Cisco ESA to reject or throttle connections from email servers based on their reputation score, which is calculated by Talos using sensor information from various sources.

Reference: User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page 6-2.

Question 19

Report
Export
Collapse

When the Spam Quarantine is configured on the Cisco ESA, what validates end-users via LDAP during login to the End-User Quarantine?

A.

Enabling the End-User Safelist/Blocklist feature

A.

Enabling the End-User Safelist/Blocklist feature

Answers
B.

Spam Quarantine External Authentication Query

B.

Spam Quarantine External Authentication Query

Answers
C.

Spam Quarantine End-User Authentication Query

C.

Spam Quarantine End-User Authentication Query

Answers
D.

Spam Quarantine Alias Consolidation Query

D.

Spam Quarantine Alias Consolidation Query

Answers
Suggested answer: C

Explanation:

Spam Quarantine End-User Authentication Query is a query that Cisco ESA performs against an LDAP server to validate the end-user credentials during login to the End-User Quarantine.

Reference: User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page 10-9.

Reference: https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118692-configure- esa-00.html

Question 20

Report
Export
Collapse

Which benefit does enabling external spam quarantine on Cisco SMA provide?

A.

ability to back up spam quarantine from multiple Cisco ESAs to one central console

A.

ability to back up spam quarantine from multiple Cisco ESAs to one central console

Answers
B.

access to the spam quarantine interface on which a user can release, duplicate, or delete

B.

access to the spam quarantine interface on which a user can release, duplicate, or delete

Answers
C.

ability to scan messages by using two engines to increase a catch rate

C.

ability to scan messages by using two engines to increase a catch rate

Answers
D.

ability to consolidate spam quarantine data from multiple Cisco ESA to one central console

D.

ability to consolidate spam quarantine data from multiple Cisco ESA to one central console

Answers
Suggested answer: D

Explanation:

External spam quarantine is a feature that allows Cisco SMA to store and manage spam messages quarantined by multiple Cisco ESAs in one central location, providing a unified view and administration of the spam quarantine data.

Reference: User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page 10-3.

Reference: https://www.cisco.com/c/en/us/td/docs/security/security_management/sma/sma11-0/user_guide/ b_SMA_Admin_Guide/b_SMA_Admin_Guide_chapter_010101.html

Total 148 questions
Go to page: of 15
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms