Get Started: 300-720 Exam [2023] Dumps Cisco PDF Questions
300-720 Premium Exam Engine pdf Download
Cisco 300-720 certification exam is a great way for IT professionals to demonstrate their expertise in email security and enhance their career opportunities. Passing the exam requires a deep understanding of email security concepts, as well as hands-on experience with Cisco Email Security Appliance technology. With this certification, IT professionals can demonstrate their ability to secure email communications and protect their organization against email-based threats.
Exam 300-720 Domains
Here are the main topics that will be tested in the Cisco 300-720:
- Filters for content as well as messages;
- Authenticating and encrypting Emails;
- LDAP & SMTP sessions;
- Systems quarantines in addition to delivery processes.
- Using Talos SenderBase as well as anti-spam for spam control;
The above-discussed areas are the most common in the actual exam, but testing is not necessarily limited to them. The guidelines may change so you are advised to revise extensively for the official exam so that you pass it in one go.
Cisco 300-720 certification exam is intended for IT professionals with a background in networking, security, and email systems. It is also suitable for those who are responsible for managing the security of their organization's email system. Obtaining this certification can help individuals demonstrate their expertise in securing email using the Cisco Email Security Appliance, which can lead to better job opportunities and higher salaries.
NEW QUESTION # 46
Spreadsheets containing credit card numbers are being allowed to bypass the Cisco ESA.
Which outgoing mail policy feature should be configured to catch this content before it leaves the network?
- A. data loss prevention
- B. file reputation filtering
- C. file analysis
- D. outbreak filtering
Answer: A
Explanation:
Data Loss Prevention (DLP) is an outgoing mail policy feature that should be configured to catch this content before it leaves the network. DLP allows Cisco ESA to scan outgoing messages for sensitive or confidential data, such as credit card numbers, social security numbers, health records, etc., and apply appropriate actions, such as encrypt, quarantine, notify, etc., to prevent data leakage or loss.
The other options are not valid outgoing mail policy features to catch this content before it leaves the network, because they do not scan for sensitive or confidential data in messages.
NEW QUESTION # 47
Which action on the Cisco ESA provides direct access to view the safelist/blocklist?
- A. Monitor Incoming/Outgoing Listener.
- B. Export the SLBL to a .csv file.
- C. Show the SLBL cache on the CLI.
- D. Debug the mail flow policy.
Answer: B
NEW QUESTION # 48
Email encryption is configured on a Cisco ESA that uses CRES.
Which action is taken on a message when CRES is unavailable?
- A. It is dropped and an error message is sent to the sender.
- B. It is requeued.
- C. It is encrypted by a Cisco encryption appliance.
- D. It is sent in clear text.
Answer: D
NEW QUESTION # 49
Which two configurations are used on multiple LDAP servers to connect with Cisco ESA?
(Choose two.)
- A. failover
- B. load balancing
- C. SLA monitor
- D. active-standby
- E. active-active
Answer: A,B
NEW QUESTION # 50
When email authentication is configured on Cisco ESA, which two key types should be selected on the signing profile? (Choose two.)
- A. DKIM
- B. Domain Keys
- C. Public Keys
- D. Symmetric Keys
- E. Private Keys
Answer: A,B
NEW QUESTION # 51
Which action is a valid fallback when a client certificate is unavailable during SMTP authentication on Cisco ESA?
- A. LDAP Query
- B. LDAP BIND
- C. SMTP TLS
- D. SMTP AUTH
Answer: D
Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_011011.html
NEW QUESTION # 52
Which global setting is configured under Cisco ESA Scan Behavior?
- A. minimum depth of attachment recursion to scan
- B. minimum attachment size to scan
- C. attachment scanning timeout
- D. actions for unscannable messages due to attachment type
Answer: C
Explanation:
Reference:
https://community.cisco.com/t5/email-security/cisco-ironport-esa-security-services-scan-behavior- impact-on-av/td-p/3923243
NEW QUESTION # 53
Which benefit does enabling external spam quarantine on Cisco SMA provide?
- A. ability to scan messages by using two engines to increase a catch rate
- B. ability to back up spam quarantine from multiple Cisco ESAs to one central console
- C. ability to consolidate spam quarantine data from multiple Cisco ESA to one central console
- D. access to the spam quarantine interface on which a user can release, duplicate, or delete
Answer: C
NEW QUESTION # 54
Which Cisco ESA security service is configured only through an outgoing mail policy?
- A. DLP
- B. antivirus
- C. Outbreak Filters
- D. AMP
Answer: A
Explanation:
Explanation
Reference https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-0/user_guide_fs/ b_ESA_Admin_Guide_11_0/b_ESA_Admin_Guide_chapter_01001.html
NEW QUESTION # 55
Which type of query must be configured when setting up the Spam Quarantine while merging notifications?
- A. Spam Quarantine Alias Authentication Query
- B. Spam Quarantine Alias Masquerading Query
- C. Spam Quarantine Alias Consolidation Query
- D. Spam Quarantine Alias Routing Query
Answer: C
Explanation:
Spam Quarantine Alias Consolidation Query is a type of query that must be configured when setting up the Spam Quarantine while merging notifications on Cisco ESA. This query allows Cisco ESA to consolidate multiple email addresses that belong to the same end user into one entry in the Spam Quarantine, and send only one notification email to that end user with all the quarantined messages for all their email addresses.
NEW QUESTION # 56
A Cisco Secure Email Gateway administrator recently enabled the Outbreak Filters Global Service Setting to detect Viral as well as Non-Viral threat detection, with no detection of Non-viral threats after 24 hours of monitoring Outbreak Filters What is the reason that Non-Viral threat detection is not detecting any positive verdicts?
- A. Non-Viral threat detection requires AntiSpam or Intelligent Multi-Scan enablement to properly function.
- B. The Outbreak Filters option Graymail Header must be enabled
- C. The Outbreak Filters option URL Rewriting must be enabled.
- D. Non-Viral threat detection requires Antivirus or AMP enablement to properly function
Answer: A
Explanation:
According to the [Cisco Secure Email User Guide], Non-Viral threat detection is a feature of Outbreak Filters that detects and blocks email messages that contain non-viral threats such as phishing, fraud, or social engineering[1, p. 25]. To use this feature, you need to enable either AntiSpam or Intelligent Multi-Scan on your Cisco Secure Email Gateway, as these features provide the necessary scanning and filtering capabilities for Non-Viral threat detection[1, p. 26].
The other options are not valid because:
A) Non-Viral threat detection does not require Antivirus or AMP enablement to properly function. Antivirus and AMP are features that detect and block email messages that contain viral threats such as malware or ransomware[1, p. 27-28].
B) The Outbreak Filters option Graymail Header does not affect Non-Viral threat detection. Graymail Header is an option that allows you to add a header to email messages that are classified as graymail, which are messages that are not spam but may be unwanted by some recipients, such as newsletters or promotions[1, p. 25].
D) The Outbreak Filters option URL Rewriting does not affect Non-Viral threat detection. URL Rewriting is an option that allows you to rewrite the URLs in email messages to point to a Cisco proxy server, which can scan the URLs for malicious content and redirect the users to a warning page if needed[1, p. 25].
NEW QUESTION # 57
Refer to the exhibit.
For improved security, an administrator wants to warn users about opening any links or attachments within an email How must the administrator configure an HTML-coded message at the top of an email body to create this warning?
- A. Create a text resource type of Disclaimer Template change to code view to paste the HTML code into the text box, then use this text resource inside a content filter
- B. Create a text resource type of Disclaimer Template paste the HTML code into the text box. then use this text resource inside a content filter
- C. Create a text resource type of Notification Template, change to code view to paste the HTML code into the text box. then use this text resource inside a content filter.
- D. Create a text resource type of Notification Template, paste the HTML code into the text box, then use this text resource inside a content filter.
Answer: A
Explanation:
According to the [Cisco Secure Email User Guide], you can create a text resource of type Disclaimer Template and use the code view option to insert HTML code into the text box. Then, you can use this text resource in a content filter to prepend or append the HTML message to the email body[1, p. 15-16].
The other options are not valid because:
A) Creating a text resource type of Disclaimer Template and pasting the HTML code into the text box without changing to code view will not work, as the HTML code will be treated as plain text and not rendered properly[1, p. 15].
C) Creating a text resource type of Notification Template and pasting the HTML code into the text box will not work, as Notification Templates are used for sending notifications to senders or recipients, not for modifying the email body[1, p. 17].
D) Creating a text resource type of Notification Template and changing to code view to paste the HTML code into the text box will not work, as Notification Templates are used for sending notifications to senders or recipients, not for modifying the email body[1, p. 17].
NEW QUESTION # 58
Which of the following two statements are correct about the large file attachments (greater than 25MB) feature in Cisco Secure Email Encryption Service? (Choose two.)
- A. This feature can only be enabled if the Read from Message feature is enabled
- B. This feature allows users to send up to 50MB of attachments in a secure email.
- C. Large file attachments can only be sent using the Cisco Secure Email Add-In.
- D. Large file attachments will be sent as a securedoc attachment
- E. Large file attachments can only be sent using the websafe portal
Answer: A,D
Explanation:
Large file attachments will be sent as a securedoc attachment. This means that the recipient will receive an encrypted message with a securedoc.html attachment that contains a link to download the large file from the Cisco Secure Email Encryption Service portal[2, p. 9].
This feature can only be enabled if the Read from Message feature is enabled. The Read from Message feature allows you to encrypt messages based on keywords or phrases in the subject or body of the message. You need to enable this feature before you can enable the large file attachments feature[2, p. 8].
The other options are not valid because:
A) Large file attachments can be sent using both the websafe portal and the Cisco Secure Email Add-In. The websafe portal allows you to compose and send encrypted messages from any web browser, while the Cisco Secure Email Add-In allows you to encrypt messages from your email client such as Outlook[2, p. 6-7].
B) This feature allows users to send up to 100MB of attachments in a secure email, not 50MB[2, p. 9].
D) Large file attachments can be sent using both the websafe portal and the Cisco Secure Email Add-In. The websafe portal allows you to compose and send encrypted messages from any web browser, while the Cisco Secure Email Add-In allows you to encrypt messages from your email client such as Outlook[2, p. 6-7].
NEW QUESTION # 59
Which option describes how the Cisco ESA fits into a network?
- A. It works as a mail exchange.
- B. The product should be installed in the DMZ.
- C. It process POP3 messages.
- D. It handles SMTP-related traffic by routing the packets.
Answer: D
NEW QUESTION # 60
What is the maximum message size that can be configured for encryption on the Cisco ESA?
- A. 30 MB
- B. 20 MB
- C. 25 MB
- D. 15 MB
Answer: B
NEW QUESTION # 61
Which feature must be configured before an administrator can use the outbreak filter for nonviral threats?
- A. antispam
- B. antivirus
- C. quarantine threat level
- D. data loss prevention
Answer: A
Explanation:
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01110.html
NEW QUESTION # 62
An organization wants to use its existing Cisco ESA to host a new domain and enforce a separate corporate policy for that domain.
What should be done on the Cisco ESA to achieve this?
- A. Use the deli very config command to configure mail delivery for the new domain.
- B. Use the smtproutes command to configure a SMTP route for the new domain.
- C. Use the altrchost command to add a separate gateway for the new domain.
- D. Use the dsestconf command to add a separate destination for the new domain.
Answer: B
Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_011001.html one of the steps to accept mail for additional internal domains on the Cisco ESA is to choose Network > SMTP Routes and enter the new domain and the corresponding destination host IP address1. This can also be done using the smtproutes command in the CLI1. The other commands (deliveryconfig, dsestconf, and altrchost) are not related to this task.
NEW QUESTION # 63
Which type of attack is prevented by configuring file reputation filtering and file analysis features?
- A. zero-day
- B. phishing
- C. denial of service
- D. backscatter
Answer: A
Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_010000.html#con_1809885
NEW QUESTION # 64
......
Pass Your Cisco Exam with 300-720 Exam Dumps: https://www.exams-boost.com/300-720-valid-materials.html
Verified 300-720 Bundle Real Exam Dumps PDF: https://drive.google.com/open?id=10KwPnZU9CzzukGm9kTrRwLlWwsb2E8El