ExamGecko
Search Search Login
Home Home / Cisco / 300-720
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which type of query must be configured when setting up the Spam Quarantine while merging notifications?
A list of company executives is routinely being spoofed, which puts the company at risk of malicious email attacks An administrator must ensure that executive messages are originating from legitimate sending addresses Which two steps must be taken to accomplish this task? (Choose two.)
A Cisco ESA administrator has noticed that new messages being sent to the Centralized Policy Quarantine are being released after one hour. Previously, they were being held for a day before being released. What was configured that caused this to occur?
A network engineer must tighten up the SPAM control policy of an organization due to a recent SPAM attack. In which scenario does enabling regional scanning improve security for this organization?
An engineer is testing mail flow on a new Cisco ESA and notices that messages for domain abc.com are stuck in the delivery queue. Upon further investigation, the engineer notices that the messages pending delivery are destined for 192.168.1.11, when they should instead be routed to 192.168.1.10. What configuration change needed to address this issue?
An administrator is managing multiple Cisco ESA devices and wants to view the quarantine emails from all devices in a central location. How is this accomplished?
Which two query types are available when an LDAP profile is configured? (Choose two.)
What is the order of virus scanning when multilayer antivirus scanning is configured?
An organization wants to use its existing Cisco ESA to host a new domain and enforce a separate corporate policy for that domain. What should be done on the Cisco ESA to achieve this?
Which component must be added to the content filter to trigger on failed SPF Verification or DKIM Authentication verdicts?

Question 39 - 300-720 discussion

Report
Export

Which two steps configure Forged Email Detection? (Choose two.)

A.

Configure a content dictionary with executive email addresses.

Answers
A.

Configure a content dictionary with executive email addresses.

B.

Configure a filter to use the Forged Email Detection rule and dictionary.

Answers
B.

Configure a filter to use the Forged Email Detection rule and dictionary.

C.

Configure a filter to check the Header From value against the Forged Email Detection dictionary.

Answers
C.

Configure a filter to check the Header From value against the Forged Email Detection dictionary.

D.

Enable Forged Email Detection on the Security Services page.

Answers
D.

Enable Forged Email Detection on the Security Services page.

E.

Configure a content dictionary with friendly names.

Answers
E.

Configure a content dictionary with friendly names.

Suggested answer: B, E

Explanation:

Forged Email Detection is a feature that allows Cisco ESA to detect and block messages that spoof the display names of internal senders in the From header, such as executives or managers, to trick recipients into opening malicious or fraudulent emails. To configure this feature, two steps are required:

Configure a content dictionary with friendly names of internal senders that should not appear in the From header of external messages, such as Alpha Beta or John Smith.

Configure a filter to use the Forged Email Detection rule and dictionary, which will compare the display name in the From header of incoming messages with the entries in the content dictionary, and apply the configured action if a match is found.

Reference: User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page 9-8.

Show Answer
asked 10/10/2024
Alfredo Gonzalez
34 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms