CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Cisco®
  5. 300-720

Free 300-720 Exam Braindumps (page: 13)

Page 12 of 38
PDF with 147 Questions

Which two components must be configured to perform DLP scanning? (Choose two.)

  1. Add a DLP policy on the Incoming Mail Policy.
  2. Add a DLP policy to the DLP Policy Manager.
  3. Enable a DLP policy on the Outgoing Mail Policy.
  4. Enable a DLP policy on the DLP Policy Customizations.
  5. Add a DLP policy to the Outgoing Content Filter.

Answer(s): B,C

Explanation:

To perform DLP scanning on Cisco ESA, two components must be configured:
Add a DLP policy to the DLP Policy Manager, which is a repository of predefined or custom DLP policies that specify what types of data to scan for and what actions to take if a match is found. Enable a DLP policy on the Outgoing Mail Policy, which is a set of rules that determine how outgoing messages are processed by Cisco ESA, including whether to apply DLP scanning or not.


Reference:

User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page 9-2 and page 9-4.

https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/ b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_chapter_010001.html



Which two certificate authority lists are available in Cisco ESA? (Choose two.)

  1. default
  2. system
  3. user
  4. custom
  5. demo

Answer(s): B,D

Explanation:

System: This is the default list of trusted certificate authorities that is provided by Cisco and updated automatically. It contains the certificates of well-known and widely used certificate authorities, such as VeriSign, Thawte, and GoDaddy.
Custom: This is the list of additional certificate authorities that you can add manually or import from a file. It allows you to trust certificates that are issued by your own or third-party certificate authorities that are not included in the system list.


Reference:

https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/ b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_11_1_chapter_011000.html#task_1194859



Which two are configured in the DMARC verification profile? (Choose two.)

  1. name of the verification profile
  2. minimum number of signatures to verify
  3. ESA listeners to use the verification profile
  4. message action into an incoming or outgoing content filter
  5. message action to take when the policy is reject/quarantine

Answer(s): A,E

Explanation:

A DMARC verification profile is a list of parameters that the mail flow policies of the appliance use for verifying DMARC. The name of the verification profile identifies the profile and allows you to apply it to different mail flow policies. The message action to take when the policy is reject/quarantine determines how the appliance handles messages that fail DMARC verification based on the sender's DMARC policy.


Reference:

User Guide for AsyncOS 12.0 for Cisco Email Security Appliances - GD (General Deployment), Chapter: Email Authentication, Section: Configuring DMARC Verification

https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_010101.html#task_1231917



Which two components form the graymail management solution in Cisco ESA? (Choose two.)

  1. cloud-based unsubscribe service
  2. uniform unsubscription management interface for end users
  3. secure subscribe option for end users
  4. integrated graymail scanning engine
  5. improved mail efficacy

Answer(s): A,D

Explanation:

The graymail management solution in the appliance comprises of two components: an integrated graymail scanning engine and a cloud-based Unsubscribe Service. The integrated graymail scanning engine identifies graymail messages using various criteria and assigns them to different categories. The cloud-based Unsubscribe Service provides an easy mechanism for end users to unsubscribe from unwanted messages by checking the reputation of the unsubscribe links and performing the unsubscribe process on behalf of the end user.


Reference:

User Guide for AsyncOS 12.0 for Cisco Email Security Appliances - GD (General Deployment), Chapter: Managing Graymail, Section: Graymail Management Solution in Email Security Appliance

https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01101.pdf (p.2)






Post your Comments and Discuss Cisco® 300-720 exam with other Community members:

300-720 Discussions & Posts