Refined Cisco 300-720 Test Online

NEW QUESTION 1
Which action is a valid fallback when a client certificate is unavailable during SMTP authentication on Cisco ESA?

• A. LDAP Query
• B. SMTP AUTH
• C. SMTP TLS
• D. LDAP BIND

Answer: B

NEW QUESTION 2
Which two configurations are used on multiple LDAP servers to connect with Cisco ESA? (Choose two.)

• A. load balancing
• B. SLA monitor
• C. active-standby
• D. failover
• E. active-active

Answer: AD

NEW QUESTION 3
When email authentication is configured on Cisco ESA, which two key types should be selected on the signing profile? (Choose two.)

• A. DKIM
• B. Public Keys
• C. Domain Keys
• D. Symmetric Keys
• E. Private Keys

Answer: AC

NEW QUESTION 4
What are two phases of the Cisco ESA email pipeline? (Choose two.)

• A. reject
• B. workqueue
• C. action
• D. delivery
• E. quarantine

Answer: BD

NEW QUESTION 5
Which feature must be configured before an administrator can use the outbreak filter for nonviral threats?

• A. quarantine threat level
• B. antispam
• C. data loss prevention
• D. antivirus

Answer: B

NEW QUESTION 6
Which two are configured in the DMARC verification profile? (Choose two.)

• A. name of the verification profile
• B. minimum number of signatures to verify
• C. ESA listeners to use the verification profile
• D. message action into an incoming or outgoing content filter
• E. message action to take when the policy is reject/quarantine

Answer: AE

NEW QUESTION 7
Which global setting is configured under Cisco ESA Scan Behavior?

• A. minimum attachment size to scan
• B. attachment scanning timeout
• C. actions for unscannable messages due to attachment type
• D. minimum depth of attachment recursion to scan

Answer: B

NEW QUESTION 8
Which two actions are configured on the Cisco ESA to query LDAP servers? (Choose two.)

• A. accept
• B. relay
• C. delay
• D. route
• E. reject

Answer: AD

NEW QUESTION 9
DRAG DROP
Drag and drop the AsyncOS methods for performing DMARC verification from the left into the correct order on the right.
Select and Place:

• A. Mastered
• B. Not Mastered

Answer: A

Explanation:

NEW QUESTION 10
Which two components form the graymail management solution in Cisco ESA? (Choose two.)

• A. cloud-based unsubscribe service
• B. uniform unsubscription management interface for end users
• C. secure subscribe option for end users
• D. integrated graymail scanning engine
• E. improved mail efficacy

Answer: AD

NEW QUESTION 11
What occurs when configuring separate incoming mail policies?

• A. message splintering
• B. message exceptions
• C. message detachment
• D. message aggregation

Answer: A

NEW QUESTION 12
What are two primary components of content filters? (Choose two.)

• A. conditions
• B. subject
• C. content
• D. actions
• E. policies

Answer: AD

NEW QUESTION 13
What is the order of virus scanning when multilayer antivirus scanning is configured?

• A. The default engine scans for viruses first and the McAfee engine scans for viruses second.
• B. The Sophos engine scans for viruses first and the McAfee engine scans for viruses second.
• C. The McAfee engine scans for viruses first and the default engine scans for viruses second.
• D. The McAfee engine scans for viruses first and the Sophos engine scans for viruses second.

Answer: C

NEW QUESTION 14
Which two statements about configuring message filters within the Cisco ESA are true? (Choose two.)

• A. The filters command executed from the CLI is used to configure the message filters.
• B. Message filters configuration within the web user interface is located within Incoming Content Filters.
• C. The filterconfig command executed from the CLI is used to configure message filters.
• D. Message filters can be configured only from the CLI.
• E. Message filters can be configured only from the web user interface.

Answer: AD

NEW QUESTION 15
Which two query types are available when an LDAP profile is configured? (Choose two.)

• A. proxy consolidation
• B. user
• C. recursive
• D. group
• E. routing

Answer: DE

NEW QUESTION 16
Email encryption is configured on a Cisco ESA that uses CRES.
Which action is taken on a message when CRES is unavailable?

• A. It is requeued.
• B. It is sent in clear text.
• C. It is dropped and an error message is sent to the sender.
• D. It is encrypted by a Cisco encryption appliance.

Answer: B

NEW QUESTION 17
When DKIM signing is configured, which DNS record must be updated to load the DKIM public signing key?

• A. AAAA record
• B. PTR record
• C. TXT record
• D. MX record

Answer: B

Explanation:
37 Which attack is mitigated by using Bounce Verification?
A. spoof
B. denial of service
C. eavesdropping
D. smurf

NEW QUESTION 18
Which antispam feature is utilized to give end users control to allow emails that are spam to be delivered to their inbox, overriding any spam verdict and action on the Cisco ESA?

• A. end user allow list
• B. end user spam quarantine access
• C. end user passthrough list
• D. end user safelist

Answer: B

NEW QUESTION 19
Which two steps are needed to disable local spam quarantine before external quarantine is enabled? (Choose two.)

• A. Uncheck the Enable Spam Quarantine check box.
• B. Select Monitor and click Spam Quarantine.
• C. Check the External Safelist/Blocklist check box.
• D. Select External Spam Quarantine and click on Configure.
• E. Select Security Services and click Spam Quarantine.

Answer: B

Explanation:
45 Which Cisco ESA security service is configured only through an outgoing mail policy?
A. antivirus
B. DLP
C. Outbreak Filters
D. AMP

NEW QUESTION 20
Which action on the Cisco ESA provides direct access to view the safelist/blocklist?

• A. Show the SLBL cache on the CLI.
• B. Monitor Incoming/Outgoing Listener.
• C. Export the SLBL to a .csv file.
• D. Debug the mail flow policy.

Answer: C

NEW QUESTION 21
What is the default HTTPS port when configuring spam quarantine on Cisco ESA?

• A. 83
• B. 82
• C. 443
• D. 80

Answer: A

NEW QUESTION 22
Which two steps configure Forged Email Detection? (Choose two.)

• A. Configure a content dictionary with executive email addresses.
• B. Configure a filter to use the Forged Email Detection rule and dictionary.
• C. Configure a filter to check the Header From value against the Forged Email Detection dictionary.
• D. Enable Forged Email Detection on the Security Services page.
• E. Configure a content dictionary with friendly names.

Answer: AB

NEW QUESTION 23
Which scenario prevents a message from being sent to the quarantine as an action in the scan behavior on Cisco ESA?

• A. A policy quarantine is missing.
• B. More than one email pipeline is defined.

Answer: A

NEW QUESTION 24
When the Spam Quarantine is configured on the Cisco ESA, what validates end-users via LDAP during login to the End-User Quarantine?

• A. Enabling the End-User Safelist/Blocklist feature
• B. Spam Quarantine External Authentication Query
• C. Spam Quarantine End-User Authentication Query
• D. Spam Quarantine Alias Consolidation Query

Answer: C

NEW QUESTION 25
What must be configured to allow the Cisco ESA to encrypt an email using the Cisco Registered Envelope Service?

• A. provisioned email encryption profile
• B. message encryption from a content filter that select "Message Encryption" over TLS
• C. message encryption from the mail flow policies with "CRES" selected
• D. content filter to forward the email to the Cisco Registered Envelope server

Answer: B

NEW QUESTION 26
......