100% Accurate Answers! Feb-2024 300-720 Actual Real Exam Questions [Q67-Q91]

100% Accurate Answers! Feb-2024 300-720 Actual Real Exam Questions

Best Value Available! 2024 Realistic Verified Free 300-720 Exam Questions

Once certified, IT professionals can expect to have a range of career opportunities available to them. These include roles such as network security engineer, email security administrator, and security analyst. The Cisco 300-720 certification is an excellent way for IT professionals to advance their careers and stay up-to-date with the latest email security technologies.

 

NEW QUESTION # 67
Which attack is mitigated by using Bounce Verification?

• A. denial of service
• B. smurf
• C. eavesdropping
• D. spoof

Answer: A

NEW QUESTION # 68
Which two certificate authority lists are available in Cisco ESA? (Choose two.)

• A. demo
• B. user
• C. custom
• D. system
• E. default

Answer: C,D

Explanation:
System: This is the default list of trusted certificate authorities that is provided by Cisco and updated automatically. It contains the certificates of well-known and widely used certificate authorities, such as VeriSign, Thawte, and GoDaddy.
Custom: This is the list of additional certificate authorities that you can add manually or import from a file. It allows you to trust certificates that are issued by your own or third-party certificate authorities that are not included in the system list.

NEW QUESTION # 69
Which global setting is configured under Cisco ESA Scan Behavior?

• A. actions for unscannable messages due to attachment type
• B. minimum depth of attachment recursion to scan
• C. attachment scanning timeout
• D. minimum attachment size to scan

Answer: C

NEW QUESTION # 70
Which SMTP extension does Cisco ESA support for email security?

• A. PIPELINING
• B. ETRN
• C. STARTTLS
• D. UTF8SMTP

Answer: C

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_011000.html

NEW QUESTION # 71
Email encryption is configured on a Cisco ESA that uses CRES.
Which action is taken on a message when CRES is unavailable?

• A. It is sent in clear text.
• B. It is requeued.
• C. It is dropped and an error message is sent to the sender.
• D. It is encrypted by a Cisco encryption appliance.

Answer: B

Explanation:
When CRES (Cisco Registered Envelope Service) is unavailable, Cisco ESA will requeue the message and attempt to resend it later, until the maximum number of retries or the maximum age of the message is reached. The message will not be sent in clear text, dropped, or encrypted by another appliance.

NEW QUESTION # 72
Refer to the exhibit. Which configuration on the scan behavior must be updated to allow the attachment to be scanned on the Cisco ESA?

• A. Add an additional mapping for attachment type for zip files.
• B. Increase the maximum recursion depth from 5 to a larger value.
• C. Increase the maximum attachment size to scan to a larger value.
• D. Enable assume match pattern if the email was not scanned for any reason.

Answer: C

Explanation:
The maximum attachment size to scan is a configuration on the scan behavior that determines the maximum size of an attachment that Cisco ESA will scan for viruses and malware. If an attachment exceeds this size, Cisco ESA will apply the configured action for unscannable messages, such as deliver, drop, or quarantine.
To allow the attachment to be scanned on the Cisco ESA, this configuration must be updated to a larger value than the attachment size, which is 10 MB according to the message header.
The other options are not valid configurations to allow the attachment to be scanned on the Cisco ESA, because they do not affect the maximum attachment size to scan.

NEW QUESTION # 73
An administrator is managing multiple Cisco ESA devices and wants to view the quarantine emails from all devices in a central location.
How is this accomplished?

• A. Disable the local quarantine before sending SPAM to the external quarantine.
• B. Configure a user policy to determine whether the message is sent to the local or external quarantine.
• C. Disable the VOF feature before sending SPAM to the external quarantine.
• D. Configure a mail policy to determine whether the message is sent to the local or external quarantine.

Answer: D

NEW QUESTION # 74
Which default port is used by the Cisco ESA to quarantine the message on the Cisco Security Management Appliance?

• A. port 6025/TCP
• B. port110/TCP
• C. port443/TCP
• D. port4766/UDP
• E. port 25fTCP

Answer: A

NEW QUESTION # 75
Which two Cisco ESA features are used to control email delivery based on the sender? (Choose two.)

• A. blocklists
• B. outbreak filter
• C. safelists
• D. spam quarantine
• E. incoming mail policies

Answer: A,C

NEW QUESTION # 76
When the Cisco ESA is configured to use Centralized Message Tracking, which default port is used between the device and the Cisco Security Management Appliance?

• A. port 80/UDP
• B. port 25/UDP
• C. port 22/TCP
• D. port 53/UDP
• E. port 23/TCP

Answer: C

NEW QUESTION # 77
How does the graymail safe unsubscribe feature function?

• A. It checks the reputation of the URI and performs the unsubscribe process on behalf of the end user.
• B. It strips the malicious content of the URI before unsubscribing.
• C. It checks the URI reputation and category and allows the content filter to take an action on it.
• D. It redirects the end user who clicks the unsubscribe button to a sandbox environment to allow a safe unsubscribe.

Answer: A

Explanation:
Explanation/Reference: https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/200383- Graymail-Detection-and-Safe-Unsubscribin.html

NEW QUESTION # 78
Which process is skipped when an email is received from safedomain.com, which is on the safelist?

• A. antispam scanning
• B. antivirus scanning
• C. message filter
• D. outbreak filter

Answer: C

Explanation:
Explanation/Reference: https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/214269-filter-to- handle-messages-that-skipped-d.html

NEW QUESTION # 79
Refer to the exhibit. An engineer needs to change the existing Forged Email Detection message filter so that it references a newly created dictionary named `Executives'.

What should be done to accomplish this task?

• A. Change fed' to "Executives".
• B. Change "from" to "Executives".
• C. Change "support" to "Executives".
• D. Change "TESF to "Executives".

Answer: C

NEW QUESTION # 80
Which two components form the graymail management solution in Cisco ESA? (Choose two.)

• A. secure subscribe option for end users
• B. integrated graymail scanning engine
• C. improved mail efficacy
• D. uniform unsubscription management interface for end users
• E. cloud-based unsubscribe service

Answer: B,E

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01101.pdf (p.2)

NEW QUESTION # 81
An administrator is trying to enable centralized PVO but receives the error, "Unable to proceed with Centralized Policy, Virus and Outbreak Quarantines configuration as esa1 in Cluster has content filters / DLP actions available at a level different from the cluster level." What is the cause of this error?

• A. DLP is configured at the cluster-level on esa2.
• B. Content filters are configured at the machine-level on esa1.
• C. DLP is configured at the domain-level on esa1.
• D. DLP is not configured on host1.

Answer: B

Explanation:

https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/200083-Requirements-for-the-PVO-Migration-Wizar.html

NEW QUESTION # 82
Which action is a valid fallback when a client certificate is unavailable during SMTP authentication on Cisco ESA?

• A. LDAP Query
• B. SMTP TLS
• C. SMTP AUTH
• D. LDAP BIND

Answer: C

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_011011.html

NEW QUESTION # 83
Which feature utilizes sensor information obtained from Talos intelligence to filter email servers connecting into the Cisco ESA?

• A. Talos Reputation Filtering
• B. SpamCop Reputation Filtering
• C. Connection Reputation Filtering
• D. SenderBase Reputation Filtering

Answer: D

Explanation:
SenderBase Reputation Filtering is a feature that allows Cisco ESA to reject or throttle connections from email servers based on their reputation score, which is calculated by Talos using sensor information from various sources.

NEW QUESTION # 84
An analyst creates a new content dictionary to use with Forged Email Detection.
Which entry will be added into the dictionary?

• A. mycompany.com
• B. ^Alpha\ Beta$
• C. [email protected]
• D. Alpha Beta

Answer: D

Explanation:

https://www.cisco.com/c/en/us/td/docs/security/esa/esa13-
0/user_guide/b_ESA_Admin_Guide_13-0.pdf p.675

NEW QUESTION # 85
Spreadsheets containing credit card numbers are being allowed to bypass the Cisco ESA.
Which outgoing mail policy feature should be configured to catch this content before it leaves the network?

• A. file reputation filtering
• B. data loss prevention
• C. outbreak filtering
• D. file analysis

Answer: C

NEW QUESTION # 86
An analyst creates a new content dictionary to use with Forged Email Detection.
Which entry will be added into the dictionary?

• A. ^Alpha\ Beta$
• B. Alpha Beta
• C. [email protected]
• D. mycompany.com

Answer: D

Explanation:
Reference:
https://www.cisco.com/c/en/us/products/collateral/security/email-security-appliance/ whitepaper_C11-737596.html

NEW QUESTION # 87
Which two components must be configured to perform DLP scanning? (Choose two.)

• A. Add a DLP policy to the Outgoing Content Filter.
• B. Enable a DLP policy on the DLP Policy Customizations.
• C. Add a DLP policy to the DLP Policy Manager.
• D. Enable a DLP policy on the Outgoing Mail Policy.
• E. Add a DLP policy on the Incoming Mail Policy.

Answer: C,D

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/ b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_chapter_010001.html

NEW QUESTION # 88
Drag and drop the Cisco ESA reactions to a possible DLP from the left onto the correct action types on the right.

Answer:

Explanation:

NEW QUESTION # 89
An administrator identifies that, over the past week, the Cisco ESA is receiving many emails from certain senders and domains which are being consistently quarantined. The administrator wants to ensure that these senders and domain are unable to send anymore emails.
Which feature on Cisco ESA should be used to achieve this?

• A. blocklist
• B. incoming mail policies
• C. S/MIME Sending Profile
• D. safelist

Answer: B

Explanation:
The appliance enforces your organization's policies for messages sent to and from your users through the use of mail policies. These are sets of rules that specify the types of suspect, sensitive, or malicious content that your organization may not want entering or leaving your network. This content may include:
-spam
-legitimate marketing messages
-graymail
-viruses
-phishing and other targeted mail attacks
-confidential corporate data
-personally identifiable information
https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_chapter_01001.html?bookSearch=true

NEW QUESTION # 90
What is the default HTTPS port when configuring spam quarantine on Cisco ESA?

• A. 0
• B. 1
• C. 2
• D. 3

Answer: A

Explanation:
in the spam quarantine section, you can configure settings for access to the spam quarantine, and by default, HTTP uses port 82 and HTTPS uses port 83.

NEW QUESTION # 91
......

Actual Questions Answers Pass With Real 300-720 Exam Dumps: https://www.freecram.com/Cisco-certification/300-720-exam-dumps.html

Pass Your Exam Easily! 300-720 Real Question Answers Updated: https://drive.google.com/open?id=1Et6xcgOeaNxhYJer2y4rkqlcN6w9KOr0