Dumps of 300-720 Cover all the requirements of the Real Exam
Correct Practice Tests of 300-720 Dumps with Practice Exam
Cisco 300-720 certification is highly valued in the industry and is recognized by many organizations worldwide. Securing Email with Cisco Email Security Appliance certification demonstrates that a professional has the skills and knowledge required to secure email using Cisco Email Security Appliance technologies. Securing Email with Cisco Email Security Appliance certification is ideal for network security professionals, IT managers, and network administrators who want to enhance their skills in email security and strengthen their resume.
NEW QUESTION # 68
Which two actions are configured on the Cisco ESA to query LDAP servers? (Choose two.)
- A. route
- B. reject
- C. accept
- D. relay
- E. delay
Answer: A,C
Explanation:
If you store user information within LDAP directories in your network infrastructure you can configure the appliance to query your LDAP servers to accept, route, and authenticate messages. https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-0/user_guide_fs/b_ESA_Admin_Guide_11_0/b_ESA_Admin_Guide_chapter_011010.html
NEW QUESTION # 69
What is the purpose of checking the CRL during SMTP authentication on a Cisco Secure Email Gateway?
- A. Verify the common name matches user ID
- B. Validate the date to check if the certificate is still valid
- C. Check if the certificate is not revoked.
- D. Confirm that corresponding CA is present
Answer: C
Explanation:
The purpose of checking the Certificate Revocation List (CRL) during SMTP authentication on a Cisco Secure Email Gateway is to check if the certificate is not revoked by the issuing Certificate Authority (CA). A revoked certificate means that it is no longer valid and should not be trusted. Reference = [User Guide for AsyncOS 12.0 for Cisco Email Security Appliances - GD (General Deployment) - Configuring SMTP Authentication [Cisco Secure Email Gateway] - Cisco]
NEW QUESTION # 70
A Cisco ESA administrator has several mail policies configured. While testing policy match using a specific sender, the email was not matching the expected policy.
What is the reason of this?
- A. The Tram* header is checked against all policies in a top-down fashion.
- B. The message header with the highest priority is checked against the Default policy in a top-down fashion.
- C. The message header with the highest priority is checked against each policy in a top-down fashion.
- D. The To" header is checked against all policies in a top-down fashion.
Answer: C
Explanation:
The envelope sender and the envelope recipeint have a higher priority over the sender header when you match a message to a mail policy. If you configure a mail policy to match a specific user, the messages are automatically classified into the mail policy based on the envelope sender and the envelope recipient. https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_chapter_01001.html
NEW QUESTION # 71
Which two factors must be considered when message filter processing is configured? (Choose two.)
- A. mail policies
- B. message-filter order
- C. MIME structure of the message
- D. lateral processing
- E. structure of the combined packet
Answer: B,C
Explanation:
Message-filter order and MIME structure of the message are two factors that must be considered when message filter processing is configured on Cisco ESA. Message-filter order determines the sequence in which message filters are evaluated and applied to incoming messages, which can affect the final outcome of the filtering process. MIME structure of the message determines how message filters match against different parts of the message, such as headers, body, attachments, etc., which can affect the accuracy and performance of the filtering process.
NEW QUESTION # 72
What is the default behavior of any listener for TLS communication?
- A. off
- B. required
- C. preferred
- D. preferred-verify
Answer: A
Explanation:
The default behavior of any listener for TLS communication is B. off. This means that TLS is not allowed for incoming connections to the listener and connections to the listener do not require encrypted Simple Mail Transfer Protocol (SMTP) conversations. This is stated in the web search result 1. To enable TLS for a listener, you need to configure the Use TLS option in the mail flow policy settings for the listener on the Mail Policies > HAT Overview page1. You can choose from three different settings for TLS: No, Preferred, or Required1.
NEW QUESTION # 73
An engineer is configuring a Cisco ESA for the first time and needs to ensure that any email traffic coming from the internal SMTP servers is relayed out through the Cisco ESA and is tied to the Outgoing Mail Policies.
Which Mail Flow Policy setting should be modified to accomplish this goal?
- A. Bounce Detection Signing
- B. Exception List
- C. Connection Behavior
- D. Reverse Connection Verification
Answer: C
Explanation:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118136-qanda-esa-
00.html
NEW QUESTION # 74
Drag and Drop Question
Drag and drop the Cisco ESA reactions to a possible DLP from the left onto the correct action types on the right.
Answer:
Explanation:
NEW QUESTION # 75
Which attack is mitigated by using Bounce Verification?
- A. denial of service
- B. spoof
- C. smurf
- D. eavesdropping
Answer: A
Explanation:
Reference:
https://www.networkworld.com/article/2305394/ironport-adds-bounce-back-verification-for-e- mail.html
NEW QUESTION # 76
An engineer tries to implement phishing simul-ations to test end users, but they are being blocked by the Cisco Secure Email Gateway appliance. Which two components, when added to the allow list, allow these simul-ations to bypass antispam scanning? (Choose two.)
- A. spf check
- B. receivers
- C. domains
- D. senders
- E. reputation score
Answer: C,D
Explanation:
To allow phishing simul-ations to bypass antispam scanning, the administrator must add two components to the allow list: domains and senders. Domains are the email domains that are used in the phishing simulations, such as example.com or test.com. Senders are the email addresses that are used to send the phishing simulations, such as [email protected] or [email protected]. By adding these components to the allow list, the administrator can prevent them from being blocked by antispam scanning and allow them to reach the end users for testing purposes. Reference: [Cisco Secure Email Gateway Administrator Guide - Creating Allow Lists]
NEW QUESTION # 77
Drag and Drop Question
Drag and drop the AsyncOS methods for performing DMARC verification from the left into the correct order on the right.
Answer:
Explanation:
NEW QUESTION # 78
What are two primary components of content filters? (Choose two.)
- A. conditions
- B. actions
- C. subject
- D. policies
- E. content
Answer: A,B
Explanation:
Content filters are rules that allow Cisco ESA to perform actions on messages based on predefined or custom conditions, such as headers, envelope, body, attachments, etc.
The two primary components of content filters are:
Conditions, which are the criteria that determine whether a message matches a content filter rule or not, such as message size, sender address, attachment type, etc.
Actions, which are the operations that Cisco ESA performs on a message if it matches the conditions of a content filter rule, such as deliver, drop, quarantine, encrypt, etc.
The other options are not primary components of content filters on Cisco ESA.
NEW QUESTION # 79
When the Cisco ESA is configured to perform antivirus scanning, what is the default timeout value?
- A. 120 seconds
- B. 30 seconds
- C. 60 seconds
- D. 90 seconds
Answer: C
NEW QUESTION # 80
Refer to the exhibit. An engineer needs to change the existing Forged Email Detection message filter so that it references a newly created dictionary named 'Executives'.
What should be done to accomplish this task?
- A. Change fed' to "Executives".
- B. Change "from" to "Executives".
- C. Change "TESF to "Executives".
- D. Change "support" to "Executives".
Answer: D
Explanation:
https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2019/pdf/BRKSEC-2240.pdf
NEW QUESTION # 81
A Cisco ESA administrator has noticed that new messages being sent to the Centralized Policy Quarantine are being released after one hour. Previously, they were being held for a day before being released.
What was configured that caused this to occur?
- A. The retention period was set to default.
- B. The threshold settings were set to default.
- C. The threshold settings were set to override the clock settings.
- D. The retention period was changed to one hour.
Answer: A
Explanation:
You can configure Policy, Virus, and Outbreak Quarantines in any one of the following ways:
Choose Quarantine > Other Quarantine > View > +.
Choose Monitor > Policy, Virus, and Outbreak Quarantines and do one of the following.
Click Add Policy Quarantine.
Keep the following in mind, changing the retention time of the File Analysis quarantine from the default of one hour is not recommended.
https://www.cisco.com/c/en/us/td/docs/security/esa/esa14-0/user_guide/b_ESA_Admin_Guide_14-0/b_ESA_Admin_Guide_12_1_chapter_011111.html?bookSearch=true
NEW QUESTION # 82
An administrator notices that incoming emails with certain attachments do not get delivered to all recipients when the emails have multiple recipients in different domains like cisco.com and test.com. The same emails when sent only to recipients in cisco.com are delivered properly. How must the Cisco Secure Email Gateway be configured to avoid this behavior?
- A. Modify DLP configuration to ensure that all attachments are permitted for test.com.
- B. Modify DLP configuration to exempt DLP scanning for messages sent to test.com domain
- C. Modify mail policies for cisco.com to ensure that emails are not dropped.
- D. Modify mail policies so email recipients do not match multiple policies.
Answer: D
Explanation:
By modifying the mail policies, specifically the recipient matching criteria, you can ensure that email recipients do not match multiple policies simultaneously. When recipients in the email message belong to different domains (e.g., cisco.com and test.com), it can result in multiple policies being triggered simultaneously, leading to inconsistent delivery of emails with attachments.
DLP is for outgoing mail only and not relevant to incoming mail.
NEW QUESTION # 83
......
Cisco 300-720 certification exam is designed to test the skills and knowledge of IT professionals in securing email using the Cisco Email Security Appliance. Securing Email with Cisco Email Security Appliance certification is ideal for those who work in IT security and wish to expand their expertise in email security. 300-720 exam covers a range of topics, including email security protocols, policies, and best practices.
Sample Questions of 300-720 Dumps With 100% Exam Passing Guarantee: https://actualtests.real4prep.com/300-720-exam.html