300-720 Questions Pass on Your First Attempt Dumps for CCNP Security Certified [Q42-Q63]

Share

300-720 Questions Pass on Your First Attempt Dumps for CCNP Security Certified

300-720 Practice Test Pdf Exam Material


Cisco 300-720 Exam Syllabus Topics:

TopicDetails
Topic 1
  • Smtp Session Authentication Using Client Certificates
  • Authentication For End-Users Of Spam Quarantine
Topic 2
  • Spam Control With Talos Senderbase And Antispam
  • Describe The Bounce Verification Feature
Topic 3
  • Utilize Safelists And Blocklists To Control Email Delivery
  • Configure Forged Email Detection
Topic 4
  • Describe Centralized Services On A Cisco Content Sma
  • System Quarantines And Delivery Methods
Topic 5
  • Configure Data Loss Prevention (Dlp)
  • Understand Smtp Functionality
  • Configure Dmarc Verification
Topic 6
  • Configure The Cisco Esa To Scan For Viruses Using Sophos And Mcafee Scanning Engines
  • Initial Configuration Process
Topic 7
  • Configure Domain Keys And Dkim Signing
  • Routing And Delivery Features
  • Configure Mail Policies
Topic 8
  • Describe S
  • Mime Security Services And Communication Encryption With Other Mtas
Topic 9
  • Configure Quarantine (Spam, Policy, Virus, And Outbreak)
  • Incoming And Outgoing Messages
Topic 10
  • Manage Messages In Local Or External Spam Quarantines
  • Configure Cisco Email Security Appliance Features
Topic 11
  • Configure Message Filters Components, Rules, Processing Order And Attachment Scanning
  • Describe Graymail Management Solution
Topic 12
  • Manage Certificate Authorities
  • Configure Virtual Gateways
  • Configure Email Encryption

 

NEW QUESTION 42
What are organizations trying to address when implementing a SPAM quarantine?

  • A. true negatives
  • B. true positives
  • C. false positives
  • D. false negatives

Answer: C

 

NEW QUESTION 43
Which two steps are needed to disable local spam quarantine before external quarantine is enabled? (Choose two.)

  • A. Select Monitor and click Spam Quarantine.
  • B. Select External Spam Quarantine and click on Configure.
  • C. Uncheck the Enable Spam Quarantine check box.
  • D. Check the External Safelist/Blocklist check box.
  • E. Select Security Services and click Spam Quarantine.

Answer: A,C

Explanation:
Reference:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118555-qa-esa- 00.html (configuration summary)

 

NEW QUESTION 44
A network administrator is modifying an outgoing mail policy to enable domain protection for the organization. A DNS entry is created that has the public key.
Which two headers will be used as matching criteria in the outgoing mail policy? (Choose two.)

  • A. URL reputation
  • B. mail-from
  • C. from
  • D. message-ID
  • E. sender

Answer: C,E

 

NEW QUESTION 45
Which SMTP extension does Cisco ESA support for email security?

  • A. STARTTLS
  • B. ETRN
  • C. UTF8SMTP
  • D. PIPELINING

Answer: A

 

NEW QUESTION 46
When the Cisco ESA is configured to perform antivirus scanning, what is the default timeout value?

  • A. 30 seconds
  • B. 60 seconds
  • C. 120 seconds
  • D. 90 seconds

Answer: B

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01011.html

 

NEW QUESTION 47
An engineer is configuring an SMTP authentication profile on a Cisco ESA which requires certificate verification.
Which section must be configured to accomplish this goal?

  • A. Mail Flow Policies
  • B. Outgoing Mail Policies
  • C. Sending Profiles
  • D. Verification Profiles

Answer: A

 

NEW QUESTION 48
When outbreak filters are configured, which two actions are used to protect users from outbreaks? (Choose two.)

  • A. delay
  • B. abandon
  • C. drop
  • D. return
  • E. redirect

Answer: A,E

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01110.html

 

NEW QUESTION 49
Drag and drop the steps to configure Cisco ESA to use SPF/SIDF verification from the left into the correct order on the right.

Answer:

Explanation:

 

NEW QUESTION 50
Which benefit does enabling external spam quarantine on Cisco SMA provide?

  • A. ability to back up spam quarantine from multiple Cisco ESAs to one central console
  • B. access to the spam quarantine interface on which a user can release, duplicate, or delete
  • C. ability to consolidate spam quarantine data from multiple Cisco ESA to one central console
  • D. ability to scan messages by using two engines to increase a catch rate

Answer: C

 

NEW QUESTION 51
What is the default port to deliver emails from the Cisco ESA to the Cisco SMA using the centralized Spam Quarantine?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: D

Explanation:
Explanation/Reference: https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118692- configure-esa-00.html

 

NEW QUESTION 52
Which two statements about configuring message filters within the Cisco ESA are true? (Choose two.)

  • A. Message filters can be configured only from the web user interface.
  • B. The filterconfig command executed from the CLI is used to configure message filters.
  • C. Message filters configuration within the web user interface is located within Incoming Content Filters.
  • D. Message filters can be configured only from the CLI.
  • E. The filters command executed from the CLI is used to configure the message filters.

Answer: D,E

Explanation:
Reference:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/213940-esa-using-a- message-filter-to-take-act.html

 

NEW QUESTION 53
Which type of attack is prevented by configuring file reputation filtering and file analysis features?

  • A. denial of service
  • B. backscatter
  • C. phishing
  • D. zero-day

Answer: D

 

NEW QUESTION 54
Which two features are applied to either incoming or outgoing mail policies? (Choose two.)

  • A. outbreak filters
  • B. sender reputation filtering
  • C. Indication of Compromise
  • D. application filtering
  • E. antivirus

Answer: A,E

 

NEW QUESTION 55
What are two prerequisites for implementing undesirable URL protection in Cisco ESA? (Choose two.)

  • A. Enable antispam scanning.
  • B. Enable antivirus scanning.
  • C. Enable outbreak filters.
  • D. Enable port bouncing.
  • E. Enable email relay.

Answer: A,C

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01111.html

 

NEW QUESTION 56
When URL logging is configured on a Cisco ESA, which feature must be enabled first?

  • A. virus outbreak filter
  • B. senderbase reputation filter
  • C. antispam
  • D. antivirus

Answer: A

Explanation:
Reference:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118775-technote- esa-00.html (note under enable url filtering)

 

NEW QUESTION 57
How does the graymail safe unsubscribe feature function?

  • A. It checks the reputation of the URI and performs the unsubscribe process on behalf of the end user.
  • B. It strips the malicious content of the URI before unsubscribing.
  • C. It redirects the end user who clicks the unsubscribe button to a sandbox environment to allow a safe unsubscribe.
  • D. It checks the URI reputation and category and allows the content filter to take an action on it.

Answer: A

Explanation:
Reference:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/200383-Graymail- Detection-and-Safe-Unsubscribin.html

 

NEW QUESTION 58
What is a valid content filter action?

  • A. skip antispam
  • B. archive
  • C. quarantine
  • D. decrypt on delivery

Answer: C

 

NEW QUESTION 59
Which component must be added to the content filter to trigger on failed SPF Verification or DKIM Authentication verdicts?

  • A. condition
  • B. status
  • C. parameter
  • D. response

Answer: A

 

NEW QUESTION 60
Which setting affects the aggressiveness of spam detection?

  • A. protection level
  • B. maximum depth of recursion scan
  • C. spam timeout
  • D. spam threshold

Answer: D

 

NEW QUESTION 61
When DKIM signing is configured, which DNS record must be updated to load the DKIM public signing key?

  • A. MX record
  • B. PTR record
  • C. TXT record
  • D. AAAA record

Answer: C

Explanation:
Reference:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/213939-esa- configure-dkim-signing.html

 

NEW QUESTION 62
When the Cisco ESA is configured to perform antivirus scanning, what is the default timeout value?

  • A. 30 seconds
  • B. 60 seconds
  • C. 120 seconds
  • D. 90 seconds

Answer: B

 

NEW QUESTION 63
......

300-720 [Apr-2022] Newly Released] Exam Questions For You To Pass: https://www.free4dump.com/300-720-braindumps-torrent.html

300-720 Answers 300-720 Free Demo Are Based On The Real Exam: https://drive.google.com/open?id=1m2r5M8HSv3DBazzE-woM6ADa5Ll9OvYg