300-720 Questions Pass on Your First Attempt Dumps for CCNP Security Certified
300-720 Practice Test Pdf Exam Material
Cisco 300-720 Exam Syllabus Topics:
| Topic | Details |
|---|---|
| Topic 1 |
|
| Topic 2 |
|
| Topic 3 |
|
| Topic 4 |
|
| Topic 5 |
|
| Topic 6 |
|
| Topic 7 |
|
| Topic 8 |
|
| Topic 9 |
|
| Topic 10 |
|
| Topic 11 |
|
| Topic 12 |
|
NEW QUESTION 42
What are organizations trying to address when implementing a SPAM quarantine?
- A. true negatives
- B. true positives
- C. false positives
- D. false negatives
Answer: C
NEW QUESTION 43
Which two steps are needed to disable local spam quarantine before external quarantine is enabled? (Choose two.)
- A. Select Monitor and click Spam Quarantine.
- B. Select External Spam Quarantine and click on Configure.
- C. Uncheck the Enable Spam Quarantine check box.
- D. Check the External Safelist/Blocklist check box.
- E. Select Security Services and click Spam Quarantine.
Answer: A,C
Explanation:
Reference:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118555-qa-esa- 00.html (configuration summary)
NEW QUESTION 44
A network administrator is modifying an outgoing mail policy to enable domain protection for the organization. A DNS entry is created that has the public key.
Which two headers will be used as matching criteria in the outgoing mail policy? (Choose two.)
- A. URL reputation
- B. mail-from
- C. from
- D. message-ID
- E. sender
Answer: C,E
NEW QUESTION 45
Which SMTP extension does Cisco ESA support for email security?
- A. STARTTLS
- B. ETRN
- C. UTF8SMTP
- D. PIPELINING
Answer: A
NEW QUESTION 46
When the Cisco ESA is configured to perform antivirus scanning, what is the default timeout value?
- A. 30 seconds
- B. 60 seconds
- C. 120 seconds
- D. 90 seconds
Answer: B
Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01011.html
NEW QUESTION 47
An engineer is configuring an SMTP authentication profile on a Cisco ESA which requires certificate verification.
Which section must be configured to accomplish this goal?
- A. Mail Flow Policies
- B. Outgoing Mail Policies
- C. Sending Profiles
- D. Verification Profiles
Answer: A
NEW QUESTION 48
When outbreak filters are configured, which two actions are used to protect users from outbreaks? (Choose two.)
- A. delay
- B. abandon
- C. drop
- D. return
- E. redirect
Answer: A,E
Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01110.html
NEW QUESTION 49
Drag and drop the steps to configure Cisco ESA to use SPF/SIDF verification from the left into the correct order on the right.
Answer:
Explanation:
NEW QUESTION 50
Which benefit does enabling external spam quarantine on Cisco SMA provide?
- A. ability to back up spam quarantine from multiple Cisco ESAs to one central console
- B. access to the spam quarantine interface on which a user can release, duplicate, or delete
- C. ability to consolidate spam quarantine data from multiple Cisco ESA to one central console
- D. ability to scan messages by using two engines to increase a catch rate
Answer: C
NEW QUESTION 51
What is the default port to deliver emails from the Cisco ESA to the Cisco SMA using the centralized Spam Quarantine?
- A. 0
- B. 1
- C. 2
- D. 3
Answer: D
Explanation:
Explanation/Reference: https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118692- configure-esa-00.html
NEW QUESTION 52
Which two statements about configuring message filters within the Cisco ESA are true? (Choose two.)
- A. Message filters can be configured only from the web user interface.
- B. The filterconfig command executed from the CLI is used to configure message filters.
- C. Message filters configuration within the web user interface is located within Incoming Content Filters.
- D. Message filters can be configured only from the CLI.
- E. The filters command executed from the CLI is used to configure the message filters.
Answer: D,E
Explanation:
Reference:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/213940-esa-using-a- message-filter-to-take-act.html
NEW QUESTION 53
Which type of attack is prevented by configuring file reputation filtering and file analysis features?
- A. denial of service
- B. backscatter
- C. phishing
- D. zero-day
Answer: D
NEW QUESTION 54
Which two features are applied to either incoming or outgoing mail policies? (Choose two.)
- A. outbreak filters
- B. sender reputation filtering
- C. Indication of Compromise
- D. application filtering
- E. antivirus
Answer: A,E
NEW QUESTION 55
What are two prerequisites for implementing undesirable URL protection in Cisco ESA? (Choose two.)
- A. Enable antispam scanning.
- B. Enable antivirus scanning.
- C. Enable outbreak filters.
- D. Enable port bouncing.
- E. Enable email relay.
Answer: A,C
Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01111.html
NEW QUESTION 56
When URL logging is configured on a Cisco ESA, which feature must be enabled first?
- A. virus outbreak filter
- B. senderbase reputation filter
- C. antispam
- D. antivirus
Answer: A
Explanation:
Reference:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118775-technote- esa-00.html (note under enable url filtering)
NEW QUESTION 57
How does the graymail safe unsubscribe feature function?
- A. It checks the reputation of the URI and performs the unsubscribe process on behalf of the end user.
- B. It strips the malicious content of the URI before unsubscribing.
- C. It redirects the end user who clicks the unsubscribe button to a sandbox environment to allow a safe unsubscribe.
- D. It checks the URI reputation and category and allows the content filter to take an action on it.
Answer: A
Explanation:
Reference:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/200383-Graymail- Detection-and-Safe-Unsubscribin.html
NEW QUESTION 58
What is a valid content filter action?
- A. skip antispam
- B. archive
- C. quarantine
- D. decrypt on delivery
Answer: C
NEW QUESTION 59
Which component must be added to the content filter to trigger on failed SPF Verification or DKIM Authentication verdicts?
- A. condition
- B. status
- C. parameter
- D. response
Answer: A
NEW QUESTION 60
Which setting affects the aggressiveness of spam detection?
- A. protection level
- B. maximum depth of recursion scan
- C. spam timeout
- D. spam threshold
Answer: D
NEW QUESTION 61
When DKIM signing is configured, which DNS record must be updated to load the DKIM public signing key?
- A. MX record
- B. PTR record
- C. TXT record
- D. AAAA record
Answer: C
Explanation:
Reference:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/213939-esa- configure-dkim-signing.html
NEW QUESTION 62
When the Cisco ESA is configured to perform antivirus scanning, what is the default timeout value?
- A. 30 seconds
- B. 60 seconds
- C. 120 seconds
- D. 90 seconds
Answer: B
NEW QUESTION 63
......
300-720 [Apr-2022] Newly Released] Exam Questions For You To Pass: https://www.free4dump.com/300-720-braindumps-torrent.html
300-720 Answers 300-720 Free Demo Are Based On The Real Exam: https://drive.google.com/open?id=1m2r5M8HSv3DBazzE-woM6ADa5Ll9OvYg