300-720 Online Practice Questions and Answers

When email authentication is configured on Cisco ESA, which two key types should be selected on the signing profile? (Choose two.)

A. DKIM

B. Public Keys

C. Domain Keys

D. Symmetric Keys

E. Private Keys

What is the default behavior of any listener for TLS communication?

A. preferred-verify

B. off

C. preferred

D. required

How does the graymail safe unsubscribe feature function?

A. It strips the malicious content of the URI before unsubscribing.

B. It checks the URI reputation and category and allows the content filter to take an action on it.

C. It redirects the end user who clicks the unsubscribe button to a sandbox environment to allow a safe unsubscribe.

D. It checks the reputation of the URI and performs the unsubscribe process on behalf of the end user.

An administrator is trying to enable centralized PVO but receives the error, "Unable to proceed with Centralized Policy, Virus and Outbreak Quarantines configuration as esa1 in Cluster has content filters / DLP actions available at a level different from the cluster level."

What is the cause of this error?

A. Content filters are configured at the machine-level on esa1.

B. DLP is configured at the cluster-level on esa2.

C. DLP is configured at the domain-level on esa1.

D. DLP is not configured on host1.

Which type of attack is prevented by configuring file reputation filtering and file analysis features?

A. denial of service

B. zero-day

C. backscatter

D. phishing

An engineer is configuring an SMTP authentication profile on a Cisco ESA which requires certificate verification. Which section must be configured to accomplish this goal?

A. Mail Flow Policies

B. Sending Profiles

C. Outgoing Mail Policies

D. Verification Profiles

An organization wants to use DMARC to improve its brand reputation by leveraging DNS records. Which two email authentication mechanisms are utilized during this process? (Choose two.)

A. SPF

B. DSTP

C. DKIM

D. TLS

E. PKI

A content dictionary was created for use with Forged Email Detection. Proper data that pertains to the CEO "Example CEO" must be entered. What must be added to the dictionary to accomplish this goal?

A. ceo

B. Example CEO

C. [email protected]

D. example.com

A company security policy requires that the finance department have an easy way to apply encryption to their outbound messages that contain sensitive data. Users must be able to flag the messages that require encryption versus a Cisco ESA scanning all messages and automatically encrypting via detection. Which action enables this capability?

A. Create an outgoing content filter with no conditions and with the Encrypt and Deliver Now action configured with [SECURE] in the Subject setting.

B. Create a DLP policy manager message action with encryption enabled and apply it to active DLP policies for outgoing mail.

C. Create an encryption profile with [SECURE] in the Subject setting and enable encryption on the mail flow policy.

D. Create an encryption profile and an outgoing content filter that includes \[SECURE\] within the Subject Header: Contains condition along with the Encrypt and Deliver Now action.

The CEO added a sender to a safelist but does not receive an important message expected from the trusted sender. An engineer evaluates message tracking on a Cisco ESA and determines that the message was dropped by the antivirus engine. What is the reason for this behavior?

A. End-user safelists apply to antispam engines only.

B. The sender didn't mark the message as urgent.

C. Administrative access is required to create a safelist.

D. The sender is included in an ISP blocklist.