• Home
  • Articles
  • The Cisco 300-720 Questions & Practice Test are Available On-Demand [Q23-Q38]

The Cisco 300-720 Questions & Practice Test are Available On-Demand [Q23-Q38]

Share

The Cisco 300-720 Questions & Practice Test are Available On-Demand

Valid 300-720 Exam Dumps Ensure you a HIGH SCORE


To prepare for the Cisco 300-720 exam, candidates should have a solid understanding of email technologies and protocols, as well as experience in network security and administration. They should also have hands-on experience with Cisco Email Security Appliance, including the ability to configure and troubleshoot the appliance. Study materials for 300-720 exam may include Cisco's official exam guide, online courses, and practice exams. Earning the Cisco 300-720 certification not only validates one's expertise in email security, but also opens up new career opportunities in the field of network security.

 

NEW QUESTION # 23
What are organizations trying to address when implementing a SPAM quarantine?

  • A. true positives
  • B. false positives
  • C. false negatives
  • D. true negatives

Answer: B

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_0100000.html#con_1482874 False positives are legitimate messages that are incorrectly identified as spam by the Cisco ESA. Organizations may want to implement a spam quarantine to reduce the risk of losing false positive messages and allow users or administrators to review and release them2. Reference = User Guide for AsyncOS 12.0 for Cisco Email Security Appliances - GD (General Deployment) - Spam Quarantine [Cisco Secure Email Gateway] - Cisco


NEW QUESTION # 24
What are two phases of the Cisco ESA email pipeline? (Choose two.)

  • A. action
  • B. delivery
  • C. workqueue
  • D. reject
  • E. quarantine

Answer: B,C


NEW QUESTION # 25
Which method enables an engineer to deliver a flagged message to a specific virtual gateway address in the most flexible way?

  • A. Set up the interface group with the flag.
  • B. Issue the altsrchost command.
  • C. Apply a filter on the message.
  • D. Map the envelope sender address to the host.

Answer: C

Explanation:
A filter is a method that enables an engineer to deliver a flagged message to a specific virtual gateway address in the most flexible way. A filter is a rule that allows Cisco ESA to perform actions on messages based on predefined or custom conditions, such as headers, envelope, body, attachments, etc.
To deliver a flagged message to a specific virtual gateway address using a filter, the engineer can create a content filter or message filter that matches the flag condition and applies an action of "deliver via alternate host" with the virtual gateway address as the parameter.
The other options are not methods that enable an engineer to deliver a flagged message to a specific virtual gateway address in the most flexible way, because they have more limitations or requirements than using a filter.


NEW QUESTION # 26
Which two statements about configuring message filters within the Cisco ESA are true? (Choose two.)

  • A. The filterconfig command executed from the CLI is used to configure message filters.
  • B. The filters command executed from the CLI is used to configure the message filters.
  • C. Message filters can be configured only from the CLI.
  • D. Message filters configuration within the web user interface is located within Incoming Content Filters.
  • E. Message filters can be configured only from the web user interface.

Answer: B,C

Explanation:
Message filters can only be applied to the ESA via command line. So, you will need command line access to the ESA.
Log into the ESA via command line.
Run the following highlighted commands to apply the message filter to the ESA:
ironport.example.com> filters
Choose the operation you want to perform:
- NEW - Create a new filter.
- IMPORT - Import a filter script from a file.
[]> NEW
Enter filter script. Enter '.' on its own line to end.
large_spam_no_attachment:
if ((body-size > 2097152) AND NOT (attachment-size > 0)) {
quarantine("large_spam");
log-entry("*****This is a large message with no attachments*****");
}
.
1 filters added.


NEW QUESTION # 27
A company has deployed a new mandate that requires all emails sent externally from the Sales Department to be scanned by DLP for PCI-DSS compliance. A new DLP policy has been created on the Cisco ESA and needs to be assigned to a mail policy named `Sales' that has yet to be created.
Which mail policy should be created to accomplish this task?

  • A. Preliminary Mail Policy
  • B. Incoming Mail Flow Policy
  • C. Outgoing Mail Flow Policy
  • D. Outgoing Mail Policy

Answer: D

Explanation:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-
0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_010001.html#task_140
94


NEW QUESTION # 28
Which action must be taken before a custom quarantine that is being used can be deleted?

  • A. Remove the quarantine from the message action of a filter.
  • B. Delete only the unused quarantine.
  • C. Delete the quarantine that is not assigned to a filter.
  • D. Delete the quarantine that is assigned to a filter.

Answer: A


NEW QUESTION # 29
Which attack is mitigated by using Bounce Verification?

  • A. denial of service
  • B. spoof
  • C. smurf
  • D. eavesdropping

Answer: A

Explanation:
Explanation/Reference: https://www.networkworld.com/article/2305394/ironport-adds-bounce-back-verification-for-e- mail.html


NEW QUESTION # 30
Which type of attack is prevented by configuring file reputation filtering and file analysis features?

  • A. phishing
  • B. denial of service
  • C. zero-day
  • D. backscatter

Answer: C

Explanation:
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_010000.html#con_1809885


NEW QUESTION # 31
Which two features are applied to either incoming or outgoing mail policies? (Choose two.)

  • A. sender reputation filtering
  • B. outbreak filters
  • C. antivirus
  • D. Indication of Compromise
  • E. application filtering

Answer: B,C

Explanation:
Outbreak filters and antivirus are two features that can be applied to either incoming or outgoing mail policies on Cisco ESA. Outbreak filters allow Cisco ESA to detect and block messages that contain new or emerging email threats, such as viruses, worms, phishing, or spam, by using real-time updates from Talos intelligence. Antivirus allows Cisco ESA to scan messages for known viruses and malware using one or two antivirus engines (Sophos and McAfee).


NEW QUESTION # 32
An administrator needs to configure Cisco ESA to ensure that emails are sent and authorized by the owner of the domain. Which two steps must be performed to accomplish this task? (Choose two.)

  • A. Create signing profile.
  • B. Generate keys.
  • C. Create DMARC profile.
  • D. Enable SPF verification.
  • E. Create Mx record.

Answer: C,D


NEW QUESTION # 33
An organization wants to prevent proprietary patent documents from being shared externally via email. The network administrator reviewed the DLP policies on the Cisco Secure Email Gateway and could not find an existing policy with the appropriate matching patterns. Which type of DLP policy template must be used to create a policy that meets this requirement?

  • A. regulatory compliance
  • B. acceptable use
  • C. custom policy
  • D. privacy protection

Answer: C

Explanation:
Custom policy is a type of DLP policy template that must be used to create a policy that meets this requirement. Custom policy allows the administrator to define their own criteria for detecting sensitive or confidential data in messages, such as keywords, regular expressions, file types, etc.
To create a custom DLP policy on Cisco ESA, the administrator can follow these steps:
Select Mail Policies > DLP Policy Manager and click Add Policy.
Enter a name and description for the DLP policy, such as Patent Protection.
Under Policy Template, select Custom Policy.
Click Submit.
Under Content Matching Criteria, click Add Criteria.
Choose a matching type, such as Keyword or Regular Expression, and enter a value that matches the proprietary patent documents, such as "patent number" or "\d{4}/\d{6}".
Click Submit.
The other options are not valid types of DLP policy templates to create a policy that meets this requirement, because they are predefined templates that do not match the proprietary patent documents.


NEW QUESTION # 34
Which scenario prevents a message from being sent to the quarantine as an action in the scan behavior on Cisco ESA?

  • A. A policy quarantine is missing.
  • B. More than one email pipeline is defined.
  • C. The "add custom header" action is performed first.
  • D. The "modify the message subject" is already set.

Answer: A

Explanation:
A policy quarantine is a type of quarantine that allows Cisco ESA to store messages that match certain criteria, such as virus, spam, or DLP verdicts, for further review or release by an administrator or an end user.
A scenario that prevents a message from being sent to the quarantine as an action in the scan behavior on Cisco ESA is when a policy quarantine is missing, which means that no policy quarantine has been created or enabled on Cisco ESA.
The other options do not prevent a message from being sent to the quarantine as an action in the scan behavior on Cisco ESA.


NEW QUESTION # 35
An engineer is tasked with creating a content filter to catch attachments, including credit card numbers, and hold them for review until further action is taken. Which component on a Cisco Secure Email Gateway must be configured to meet this requirement?

  • A. Spam Quarantine
  • B. Outbreak Filter
  • C. Policy Quarantine
  • D. Content Filter

Answer: D

Explanation:
Content filter is a component on a Cisco Secure Email Gateway that must be configured to catch attachments, including credit card numbers, and hold them for review until further action is taken. Content filter allows you to define rules based on message content and apply actions such as quarantine, encrypt, or modify. Reference = [User Guide for AsyncOS 12.0 for Cisco Email Security Appliances - GD (General Deployment) - Content Filters [Cisco Secure Email Gateway] - Cisco]


NEW QUESTION # 36
An organization has a strict policy on URLs embedded in emails. The policy allows visibility into what the URL is but does not allow the user to click it. Which action must be taken to meet the requirements of the security policy?

  • A. Enable the URL quarantine policy
  • B. Defang the URL.
  • C. Replace the URL with text
  • D. Redirect the URL to the Cisco security proxy

Answer: B

Explanation:
To meet the security policy of allowing visibility into what the URL is but not allowing the user to click it, the administrator must defang the URL. This means that the URL will be modified in a way that it is still readable by humans but not clickable by browsers. For example, http://example.com could be defanged as hxxp://example[.]com. Reference: [Cisco Secure Email Gateway Administrator Guide - Defanging URLs in Messages]


NEW QUESTION # 37
A company has deployed a new mandate that requires all emails sent externally from the Sales Department to be scanned by DLP for PCI-DSS compliance. A new DLP policy has been created on the Cisco ESA and needs to be assigned to a mail policy named 'Sales' that has yet to be created.
Which mail policy should be created to accomplish this task?

  • A. Preliminary Mail Policy
  • B. Incoming Mail Flow Policy
  • C. Outgoing Mail Flow Policy
  • D. Outgoing Mail Policy

Answer: D

Explanation:
Outgoing Mail Policy is a mail policy that should be created to accomplish this task. Outgoing Mail Policy is a set of rules that determine how outgoing messages are processed by Cisco ESA, including whether to apply DLP scanning or not.
To create an Outgoing Mail Policy named 'Sales' and assign a DLP policy to it, the administrator can follow these steps:
Select Mail Policies > Outgoing Mail Policies and click Add Policy.
Enter 'Sales' as the policy name and click Submit.
Select 'Sales' from the list of policies and click Edit Settings.
Under Data Loss Prevention, select Enable Data Loss Prevention Scanning and choose the DLP policy from the drop-down menu.
Click Submit.
The other options are not valid mail policies to accomplish this task, because they do not apply to outgoing messages or DLP scanning.


NEW QUESTION # 38
......


The Cisco 300-720 exam consists of 60-70 multiple-choice questions and candidates are given 90 minutes to complete it. 300-720 exam covers a range of topics including email security concepts, Email Security Appliance (ESA) deployment, configuration and management, anti-spam and anti-virus protection, message filters and policies, data loss prevention (DLP), and email encryption. To pass the exam, candidates must score at least 70%.

 

300-720 Exam Practice Questions prepared by Cisco Professionals: https://www.real4prep.com/300-720-exam.html

Pass 300-720 Exam with Latest Questions: https://drive.google.com/open?id=1Cohy0R94X_2QZF-46cXOhOcDgj3foTAt

Related Articles

more
Cisco 300-720 Certification Practice Exam