CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Cisco®
  5. 300-720

Free 300-720 Exam Braindumps (page: 9)

Page 8 of 38
PDF with 147 Questions

Which type of query must be configured when setting up the Spam Quarantine while merging notifications?

  1. Spam Quarantine Alias Routing Query
  2. Spam Quarantine Alias Consolidation Query
  3. Spam Quarantine Alias Authentication Query
  4. Spam Quarantine Alias Masquerading Query

Answer(s): B

Explanation:

Spam Quarantine Alias Consolidation Query is a type of query that must be configured when setting up the Spam Quarantine while merging notifications on Cisco ESA. This query allows Cisco ESA to consolidate multiple email addresses that belong to the same end user into one entry in the Spam Quarantine, and send only one notification email to that end user with all the quarantined messages for all their email addresses.


Reference:

User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page 10-10.



Which two factors must be considered when message filter processing is configured? (Choose two.)

  1. message-filter order
  2. lateral processing
  3. structure of the combined packet
  4. mail policies
  5. MIME structure of the message

Answer(s): A,E

Explanation:

Message-filter order and MIME structure of the message are two factors that must be considered when message filter processing is configured on Cisco ESA. Message-filter order determines the sequence in which message filters are evaluated and applied to incoming messages, which can affect the final outcome of the filtering process. MIME structure of the message determines how message filters match against different parts of the message, such as headers, body, attachments, etc., which can affect the accuracy and performance of the filtering process.


Reference:

User Guide for AsyncOS 15.0 for Cisco Secure Email Gateway, page 3-3 and page 3-5.


https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01000.html



How does the graymail safe unsubscribe feature function?

  1. It strips the malicious content of the URI before unsubscribing.
  2. It checks the URI reputation and category and allows the content filter to take an action on it.
  3. It redirects the end user who clicks the unsubscribe button to a sandbox environment to allow a safe unsubscribe.
  4. It checks the reputation of the URI and performs the unsubscribe process on behalf of the end user.

Answer(s): D

Explanation:

Secure unsubscribe option for end users. Mimicking an unsubscribe option is a popular phishing technique. For this reason, the end users are generally wary of clicking unknown unsubscribe links. For such scenarios, the cloud-based Unsubscribe Service extracts the original unsubscribe URI, checks the reputation of the URI, and then performs the unsubscribe process on behalf of the end user. This protects end users from malicious threats masquerading as unsubscribe links. https://www.cisco.com/c/en/us/td/docs/security/esa/esa14-2- 1/User_Guide/b_ESA_Admin_Guide_14-2-
1/b_ESA_Admin_Guide_12_1_chapter_01110.html#id_101033


Reference:

https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/200383-
Graymail- Detection-and-Safe-Unsubscribin.html



An administrator is trying to enable centralized PVO but receives the error, "Unable to proceed with Centralized Policy, Virus and Outbreak Quarantines configuration as esa1 in Cluster has content filters / DLP actions available at a level different from the cluster level."

What is the cause of this error?

  1. Content filters are configured at the machine-level on esa1.
  2. DLP is configured at the cluster-level on esa2.
  3. DLP is configured at the domain-level on esa1.
  4. DLP is not configured on host1.

Answer(s): D

Explanation:

The PVO cannot be enabled and shows this type of error message.

Unable to proceed with Centralized Policy, Virus and Outbreak Quarantines configuration as host1 and host2 in Cluster have content filters / DLP actions available at a level different from the cluster Level. The error message can indicate that one of the hosts does not have a DLP feature key applied and DLP is disabled. The solution is to add the missing feature key and apply DLP settings identical as on the host that has the feature key applied. This feature key inconsistency might have the same effect with Outbreak Filters, Sophos Antivirus, and other feature keys.


Reference:

https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118026-technote- esa-00.html

https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118026- technote- esa-00.html






Post your Comments and Discuss Cisco® 300-720 exam with other Community members:

300-720 Discussions & Posts