Cisco
CompTIA
ISC
EC-Council
EXIN
Fortinet
ITIL
Juniper
Microsoft
VMware
Avaya
SAP
Google
NVIDIA
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk
ServiceNow
All Vendors
  2. Home
  3. Exams
  4. Cisco
  5. 300-720

Cisco 300-720 Exam
Securing Email with Cisco Email Security Appliance (300-720 SESA) (Page 2 )

Updated On: 1-Feb-2026
Page 2 of 31
PDF with 179 Questions

Which SMTP extension does Cisco ESA support for email security?

  1. ETRN
  2. UTF8SMTP
  3. PIPELINING
  4. STARTTLS

Answer(s): D

Explanation:

STARTTLS is an SMTP extension that allows email servers to negotiate a secure connection using TLS or SSL encryption. Cisco ESA supports STARTTLS for both inbound and outbound email delivery.


Reference:

User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page 5-2.
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_011000.html



An organization wants to designate help desk personnel to assist with tickets that request the release of messages from the spam quarantine because company policy does not permit direct end-user access to the quarantine.
Which two roles must be used to allow help desk personnel to release messages while restricting their access to make configuration changes in the Cisco Secure Email Gateway? (Choose two.)

  1. Administrator
  2. Help Desk User
  3. Read-Only Operator
  4. Technician
  5. Quarantine Administrator

Answer(s): B,E

Explanation:

All users with administrator privileges can change spam quarantine settings and view and manage messages in the spam quarantine. You do not need to configure spam quarantine access for administrator users.

If you configure access to the spam quarantine for users with the following roles, they can view, release, and delete messages in the spam quarantine:

-Operator
-Read-only operator
-Help desk user
-Guest
-Custom user roles that have spam quarantine privileges

These users cannot access spam quarantine settings.


Reference:

https://www.cisco.com/c/en/us/td/docs/security/esa/esa14- 0/user_guide/b_ESA_Admin_Guide_14-
0/b_ESA_Admin_Guide_12_1_chapter_0100000.html?bookSearch=true#con_1624156



When the spam quarantine is configured on the Cisco Secure Email Gateway, which type of query is used to validate non administrative user access to the end-user quarantine via LDAP?

  1. spam quarantine end-user authentication
  2. spam quarantine alias consolidation
  3. spam quarantine external authorization
  4. local mailbox (IMAP/POP) authentication

Answer(s): A

Explanation:

spam quarantine end-user authentication query is used to validate non administrative user access to the end-user quarantine via LDAP1. This query is configured in the System Administration > LDAP > LDAP Server Profile page and can be tested using the smtproutes command in the CLI1. The other queries are not related to this task. The spam quarantine alias consolidation query is used to consolidate multiple email addresses for a user into one login2. The spam quarantine external authorization query is used to authorize users to access an external spam quarantine on a separate Cisco Secure Email and Web Manager3. The local mailbox (IMAP/POP) authentication is an alternative method to authenticate users without using LDAP2.



An administrator notices that incoming emails with certain attachments do not get delivered to all recipients when the emails have multiple recipients in different domains like cisco.com and test.com. The same emails when sent only to recipients in cisco.com are delivered properly. How must the Cisco Secure Email Gateway be configured to avoid this behavior?

  1. Modify mail policies for cisco.com to ensure that emails are not dropped.
  2. Modify mail policies so email recipients do not match multiple policies.
  3. Modify DLP configuration to ensure that all attachments are permitted for test.com.
  4. Modify DLP configuration to exempt DLP scanning for messages sent to test.com domain

Answer(s): B

Explanation:

By modifying the mail policies, specifically the recipient matching criteria, you can ensure that email recipients do not match multiple policies simultaneously.
When recipients in the email message belong to different domains (e.g., cisco.com and test.com), it can result in multiple policies being triggered simultaneously, leading to inconsistent delivery of emails with attachments.

DLP is for outgoing mail only and not relevant to incoming mail.



An engineer is tasked with creating a content filter to catch attachments, including credit card numbers, and hold them for review until further action is taken.
Which component on a Cisco Secure Email Gateway must be configured to meet this requirement?

  1. Spam Quarantine
  2. Policy Quarantine
  3. Outbreak Filter
  4. Content Filter

Answer(s): D

Explanation:

Content filter is a component on a Cisco Secure Email Gateway that must be configured to catch attachments, including credit card numbers, and hold them for review until further action is taken. Content filter allows you to define rules based on message content and apply actions such as quarantine, encrypt, or modify. Reference = [User Guide for AsyncOS 12.0 for Cisco Email Security Appliances - GD (General Deployment) - Content Filters [Cisco Secure Email Gateway] - Cisco]



Viewing page 2 of 31
Viewing questions 6 - 10 out of 179 questions



Post your Comments and Discuss Cisco 300-720 exam prep with other Community members:

Join the 300-720 Discussion