300-720 Braindumps PDF, Cisco 300-720 Exam Cram
New 2024 300-720 Sample Questions Reliable 300-720 Test Engine
Cisco 300-720 exam is an essential certification for IT professionals who want to enhance their skills in email security. 300-720 exam validates the candidates’ understanding of email security concepts and their ability to configure and manage the Cisco Email Security Appliance. By passing this certification exam, IT professionals can demonstrate their expertise to potential employers and advance their careers in the field of IT security.
NEW QUESTION # 37
Which two steps configure Forged Email Detection? (Choose two.)
- A. Configure a filter to use the Forged Email Detection rule and dictionary.
- B. Enable Forged Email Detection on the Security Services page.
- C. Configure a content dictionary with executive email addresses.
- D. Configure a content dictionary with friendly names.
- E. Configure a filter to check the Header From value against the Forged Email Detection dictionary.
Answer: A,D
Explanation:
Forged Email Detection is a feature that allows Cisco ESA to detect and block messages that spoof the display names of internal senders in the From header, such as executives or managers, to trick recipients into opening malicious or fraudulent emails. To configure this feature, two steps are required:
Configure a content dictionary with friendly names of internal senders that should not appear in the From header of external messages, such as Alpha Beta or John Smith.
Configure a filter to use the Forged Email Detection rule and dictionary, which will compare the display name in the From header of incoming messages with the entries in the content dictionary, and apply the configured action if a match is found.
NEW QUESTION # 38
What is a valid content filter action?
- A. skip antispam
- B. decrypt on delivery
- C. quarantine
- D. archive
Answer: C
NEW QUESTION # 39
Which method enables an engineer to deliver a flagged message to a specific virtual gateway address in the most flexible way?
- A. Map the envelope sender address to the host.
- B. Set up the interface group with the flag.
- C. Apply a filter on the message.
- D. Issue the altsrchost command.
Answer: D
NEW QUESTION # 40
Drag and Drop Question
An administrator must ensure that emails sent from [email protected] are routed through an alternate virtual gateway. Drag and drop the snippet from the bottom onto the blank in the graphic to finish the message filter syntax. Not all snippets are used.
Answer:
Explanation:
NEW QUESTION # 41
An administrator is trying to enable centralized PVO but receives the error, "Unable to proceed with Centralized Policy, Virus and Outbreak Quarantines configuration as esa1 in Cluster has content filters / DLP actions available at a level different from the cluster level." What is the cause of this error?
- A. Content filters are configured at the machine-level on esa1.
- B. DLP is not configured on host1.
- C. DLP is configured at the cluster-level on esa2.
- D. DLP is configured at the domain-level on esa1.
Answer: B
Explanation:
Explanation/Reference: https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118026-technote- esa-00.html
NEW QUESTION # 42
Drag and drop the AsyncOS methods for performing DMARC verification from the left into the correct order on the right.
Answer:
Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/b_ESA_Admin_Guide_11_1/ b_ESA_Admin_Guide_11_1_chapter_010101.html
NEW QUESTION # 43
A network engineer must tighten up the SPAM control policy of an organization due to a recent SPAM attack. In which scenario does enabling regional scanning improve security for this organization?
- A. when most of the received spam originates outside of the U.S.
- B. when most of the received email originates from a specific region
- C. when most of the received email originates outside of the U.S.
- D. when most of the received spam comes from a specific country
Answer: B
Explanation:
Enabling regional scanning improves security for this organization when most of the received email originates from a specific region. Regional scanning is a feature that allows Cisco ESA to apply different spam thresholds and actions based on the geographic region of the sender's IP address, using a database of IP addresses and regions.
To enable regional scanning on Cisco ESA, the administrator can follow these steps:
Select Security Services > IronPort Anti-Spam and click Edit Settings.
Under Regional Scanning, select Enable Regional Scanning.
Click Submit.
Select Security Services > IronPort Anti-Spam > Regional Settings and click Add Region.
Choose a region from the drop-down menu, such as Asia Pacific.
Enter a spam threshold and an action for that region, such as 80 and Drop.
Click Submit.
NEW QUESTION # 44
Which antispam feature is utilized to give end users control to allow emails that are spam to be delivered to their inbox, overriding any spam verdict and action on the Cisco ESA?
- A. end user passthrough list
- B. end user spam quarantine access
- C. end user safelist
- D. end user allow list
Answer: C
Explanation:
End user safelist is a feature that allows end users to specify email addresses or domains that they want to receive messages from, regardless of the spam verdict or action assigned by Cisco ESA. Messages from senders on the end user safelist are delivered to the end user's inbox without any spam filtering.
NEW QUESTION # 45
What are organizations trying to address when implementing a SPAM quarantine?
- A. true positives
- B. false negatives
- C. true negatives
- D. false positives
Answer: D
Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_0100000.html#con_1482874 False positives are legitimate messages that are incorrectly identified as spam by the Cisco ESA. Organizations may want to implement a spam quarantine to reduce the risk of losing false positive messages and allow users or administrators to review and release them2. Reference = User Guide for AsyncOS 12.0 for Cisco Email Security Appliances - GD (General Deployment) - Spam Quarantine [Cisco Secure Email Gateway] - Cisco
NEW QUESTION # 46
When email authentication is configured on Cisco ESA, which two key types should be selected on the signing profile? (Choose two.)
- A. DKIM
- B. Private Keys
- C. Symmetric Keys
- D. Domain Keys
- E. Public Keys
Answer: A,D
NEW QUESTION # 47
An administrator is trying to enable centralized PVO but receives the error, "Unable to proceed with Centralized Policy, Virus and Outbreak Quarantines configuration as esa1 in Cluster has content filters / DLP actions available at a level different from the cluster level." What is the cause of this error?
- A. Content filters are configured at the machine-level on esa1.
- B. DLP is not configured on host1.
- C. DLP is configured at the cluster-level on esa2.
- D. DLP is configured at the domain-level on esa1.
Answer: B
NEW QUESTION # 48
An administrator notices that the Cisco Secure Email Gateway delivery queue on an appliance is consistently full. After further investigation, it is determined that the IP addresses currently in use by appliance are being rate-limited by some destinations. The administrator creates a new interface with an additional IP address using virtual gateway technology, but the issue is not solved Which configuration change resolves the issue?
- A. Use the CLI command alt-src-host to set the new interface as a possible delivery candidate.
- B. Use the CLI command deliveryconfig to set the new interface as the primary interface for mail delivery
- C. Use the CLI command altsrchost to set the new interface as the source IP address for all mail.
- D. Use the CLI command loadbalance auto to enable mail delivery over all interfaces.
Answer: B
Explanation:
Determining Which Interface is Used for Mail Delivery Unless you specify the output interface via the deliveryconfig</code> command or via a message filter ( alt-src-host ), or through the use of a virtual gateway, the output interface is selected by the AsyncOS routing table. https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_chapter_011001.html?bookSearch=true
NEW QUESTION # 49
Which process is skipped when an email is received from safedomain.com, which is on the safelist?
- A. antivirus scanning
- B. antispam scanning
- C. outbreak filter
- D. message filter
Answer: D
Explanation:
Explanation/Reference: https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/214269-filter-to- handle-messages-that-skipped-d.html
NEW QUESTION # 50
What are two primary components of content filters? (Choose two.)
- A. subject
- B. content
- C. policies
- D. conditions
- E. actions
Answer: D,E
Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/ces/user_guide/esa_user_guide_11-1/ b_ESA_Admin_Guide_ces_11_1/b_ESA_Admin_Guide_chapter_01010.pdf
NEW QUESTION # 51
Which two statements about configuring message filters within the Cisco ESA are true? (Choose two.)
- A. Message filters can be configured only from the web user interface.
- B. The filterconfig command executed from the CLI is used to configure message filters.
- C. Message filters configuration within the web user interface is located within Incoming Content Filters.
- D. The filters command executed from the CLI is used to configure the message filters.
- E. Message filters can be configured only from the CLI.
Answer: D,E
NEW QUESTION # 52
......
Feel Cisco 300-720 Dumps PDF Will likely be The best Option: https://www.fast2test.com/300-720-premium-file.html
300-720 exam torrent Cisco study guide: https://drive.google.com/open?id=1PQIBQqhTp_UlacJvcfgoLgDDE1Y99zlr