Get New 2021 Valid Practice To your 300-720 Exam (Updated 92 Questions)
CCNP Security 300-720 Exam Practice Test Questions Dumps Bundle!
What are the benefits of Cisco 300-720 Exam Certification
A candidate might have incredible IT skills. Employers that do the hiring need to make decisions based on limited information and as it always. When they view the official Securing Email with Cisco Email Security Appliance (300-720 SESA) Certification, they can be guaranteed that a candidate has achieved a certain level of competence.
When an organization hiring or promotion an employee, then the decision is made by human resources. Now while Candidate may have an IT background, they do their decisions in a way that takes into record many different factors. One thing is candidates have formal credentials, such as the Securing Email with Cisco Email Security Appliance (300-720 SESA).
If the Candidate has the desire to move up to a higher-paying position in an organization. This certification will help as always.
After completing the Securing Email with Cisco Email Security Appliance (300-720 SESA) Exam certification Candidate becomes a solid, well-rounded Securing Email with Cisco Email Security Appliance (300-720 SESA).
NEW QUESTION 48
What is the default behavior of any listener for TLS communication?
- A. required
- B. preferred
- C. preferred-verify
- D. off
Answer: D
NEW QUESTION 49
When DKIM signing is configured, which DNS record must be updated to load the DKIM public signing key?
- A. PTR record
- B. AAAA record
- C. TXT record
- D. MX record
Answer: C
NEW QUESTION 50
When outbreak filters are configured, which two actions are used to protect users from outbreaks? (Choose two.)
- A. delay
- B. redirect
- C. drop
- D. abandon
- E. return
Answer: A,B
NEW QUESTION 51
An email containing a URL passes through the Cisco ESA that has content filtering disabled for all mail policies. The sender is [email protected], the recipients are [email protected], [email protected], [email protected], and [email protected]. The subject of the email is Test Document395898847. An administrator wants to add a policy to ensure that the Cisco ESA evaluates the web reputation score before permitting this email.
Which two criteria must be used by the administrator to achieve this? (Choose two.)
- A. Subject contains Test Document"
- B. Date and time of email
- C. Email does not match [email protected]
- D. Email body contains a URL
- E. Sender matches test1.com
Answer: A,D
NEW QUESTION 52
Email encryption is configured on a Cisco ESA that uses CRES.
Which action is taken on a message when CRES is unavailable?
- A. It is dropped and an error message is sent to the sender.
- B. It is sent in clear text.
- C. It is encrypted by a Cisco encryption appliance.
- D. It is requeued.
Answer: B
NEW QUESTION 53
What are two phases of the Cisco ESA email pipeline? (Choose two.)
- A. quarantine
- B. reject
- C. action
- D. delivery
- E. workqueue
Answer: D,E
NEW QUESTION 54
Drag and drop the AsyncOS methods for performing DMARC verification from the left into the correct order on the right.
Answer:
Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/b_ESA_Admin_Guide_11_1/ b_ESA_Admin_Guide_11_1_chapter_010101.html
NEW QUESTION 55
Which SMTP extension does Cisco ESA support for email security?
- A. ETRN
- B. PIPELINING
- C. STARTTLS
- D. UTF8SMTP
Answer: C
Explanation:
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_011000.html
NEW QUESTION 56
When DKIM signing is configured, which DNS record must be updated to load the DKIM public signing key?
- A. PTR record
- B. AAAA record
- C. TXT record
- D. MX record
Answer: C
Explanation:
Explanation/Reference: https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/213939-esa- configure-dkim-signing.html
NEW QUESTION 57
Which two components must be configured to perform DLP scanning? (Choose two.)
- A. Add a DLP policy on the Incoming Mail Policy.
- B. Add a DLP policy to the DLP Policy Manager.
- C. Enable a DLP policy on the Outgoing Mail Policy.
- D. Add a DLP policy to the Outgoing Content Filter.
- E. Enable a DLP policy on the DLP Policy Customizations.
Answer: B,C
Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/ b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_chapter_010001.html
NEW QUESTION 58
When URL logging is configured on a Cisco ESA, which feature must be enabled first?
- A. senderbase reputation filter
- B. antispam
- C. antivirus
- D. virus outbreak filter
Answer: D
Explanation:
Reference:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118775-technote- esa-00.html (note under enable url filtering)
NEW QUESTION 59
When email authentication is configured on Cisco ESA, which two key types should be selected on the signing profile? (Choose two.)
- A. Private Keys
- B. DKIM
- C. Symmetric Keys
- D. Domain Keys
- E. Public Keys
Answer: B,D
Explanation:
Reference:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/213939-esa- configure-dkim-signing.html
NEW QUESTION 60
What is a benefit of implementing URL filtering on the Cisco ESA?
- A. provides URL reputation protection
- B. blacklists spam
- C. removes threats from malicious URLs
- D. enhances reputation against malicious URLs
Answer: A
Explanation:
Reference:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118775-technote- esa-00.html
NEW QUESTION 61
Which two actions are configured on the Cisco ESA to query LDAP servers? (Choose two.)
- A. reject
- B. route
- C. accept
- D. relay
- E. delay
Answer: B,C
Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-0/user_guide_fs/ b_ESA_Admin_Guide_11_0/b_ESA_Admin_Guide_chapter_011010.html
NEW QUESTION 62
An administrator has created a content filter to quarantine all messages that result in an SPF hardfail to review the messages and determine whether a trusted partner has accidentally misconfigured the DNS settings. The administrator sets the policy quarantine to release the messages after 24 hours, allowing time to review while not interrupting business.
Which additional option should be used to help the end users be aware of the elevated risk of interacting with these messages?
- A. Notify Recipient
- B. Notify Sender
- C. Modify Subject
- D. Strip Attachments
Answer: C
NEW QUESTION 63
Which attack is mitigated by using Bounce Verification?
- A. smurf
- B. spoof
- C. eavesdropping
- D. denial of service
Answer: D
Explanation:
Reference:
https://www.networkworld.com/article/2305394/ironport-adds-bounce-back-verification-for-e- mail.html
NEW QUESTION 64
Which two steps configure Forged Email Detection? (Choose two.)
- A. Configure a filter to check the Header From value against the Forged Email Detection dictionary.
- B. Configure a content dictionary with friendly names.
- C. Configure a content dictionary with executive email addresses.
- D. Configure a filter to use the Forged Email Detection rule and dictionary.
- E. Enable Forged Email Detection on the Security Services page.
Answer: C,D
NEW QUESTION 65
What is a valid content filter action?
- A. archive
- B. decrypt on delivery
- C. skip antispam
- D. quarantine
Answer: D
NEW QUESTION 66
Which two action types are performed by Cisco ESA message filters? (Choose two.)
- A. discard actions
- B. final actions
- C. filter actions
- D. non-final actions
- E. quarantine actions
Answer: B,D
Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/ b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_chapter_01000.html
NEW QUESTION 67
Which two factors must be considered when message filter processing is configured? (Choose two.)
- A. lateral processing
- B. mail policies
- C. message-filter order
- D. structure of the combined packet
- E. MIME structure of the message
Answer: C,E
Explanation:
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01000.html
NEW QUESTION 68
Which two certificate authority lists are available in Cisco ESA? (Choose two.)
- A. default
- B. user
- C. demo
- D. custom
- E. system
Answer: D,E
Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/ b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_11_1_chapter_011000.html#task_1194859
NEW QUESTION 69
DRAG DROP
Drag and drop the Cisco ESA reactions to a possible DLP from the left onto the correct action types on the right.
Select and Place:
Answer:
Explanation:
Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/ b_ESA_Admin_Guide_chapter_010001.html (message actions)
NEW QUESTION 70
An engineer is configuring a Cisco ESA for the first time and needs to ensure that any email traffic coming from the internal SMTP servers is relayed out through the Cisco ESA and is tied to the Outgoing Mail Policies.
Which Mail Flow Policy setting should be modified to accomplish this goal?
- A. Connection Behavior
- B. Reverse Connection Verification
- C. Bounce Detection Signing
- D. Exception List
Answer: A
NEW QUESTION 71
Which global setting is configured under Cisco ESA Scan Behavior?
- A. actions for unscannable messages due to attachment type
- B. attachment scanning timeout
- C. minimum depth of attachment recursion to scan
- D. minimum attachment size to scan
Answer: B
NEW QUESTION 72
......
Fully Updated Dumps PDF - Latest 300-720 Exam Questions and Answers: https://www.troytecdumps.com/300-720-troytec-exam-dumps.html
Updated 300-720 PDF for the 300-720 Tests Free Updated Today: https://drive.google.com/open?id=1qNDMsPoEkO8Pd2i_YOl3qbUo57K2UUgd