[Jan 02, 2024] 300-720 Test Engine files, 300-720 Dumps PDF [Q75-Q94]

Share

[Jan 02, 2024] 300-720 Test Engine files, 300-720 Dumps PDF

Latest Cisco 300-720 PDF and Dumps (2024) Free Exam Questions Answers


Cisco 300-720 certification exam is intended for professionals who are working in the field of cybersecurity, network security, and email security. Securing Email with Cisco Email Security Appliance certification is suitable for those who are interested in expanding their knowledge and skills in email security technologies and solutions. 300-720 exam is designed to test the candidates' knowledge of email security concepts, email security solutions, and email security best practices.

 

NEW QUESTION # 75
When email authentication is configured on Cisco ESA, which two key types should be selected on the signing profile? (Choose two.)

  • A. Public Keys
  • B. DKIM
  • C. Domain Keys
  • D. Symmetric Keys
  • E. Private Keys

Answer: B,C


NEW QUESTION # 76
What is the default HTTPS port when configuring spam quarantine on Cisco ESA?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: D

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/ces/user_guide/esa_user_guide_11-1/ b_ESA_Admin_Guide_ces_11_1/b_ESA_Admin_Guide_chapter_011111.pdf


NEW QUESTION # 77
What is the purpose of Cisco Email Encryption on Cisco ESA?

  • A. to ensure anonymity between a recipient and MTA
  • B. to ensure integrity between a sender and MTA
  • C. to ensure privacy between Cisco ESA and MTA
  • D. to authenticate direct communication between a sender and Cisco ESA

Answer: C


NEW QUESTION # 78
What is a benefit of implementing URL filtering on the Cisco ESA?

  • A. enhances reputation against malicious URLs
  • B. provides URL reputation protection
  • C. blacklists spam
  • D. removes threats from malicious URLs

Answer: B

Explanation:
A benefit of implementing URL filtering on the ESA is that it provides URL reputation protection. URL filtering uses SenderBase, a web-based service that collects information about URLs and domains from various sources, to assign a reputation score and a category to each URL. Based on these attributes, you can configure content or message filters to take actions on messages containing malicious or undesirable URLs.


NEW QUESTION # 79
When DKIM signing is configured, which DNS record must be updated to load the DKIM public signing key?

  • A. MX record
  • B. PTR record
  • C. TXT record
  • D. AAAA record

Answer: C


NEW QUESTION # 80
Which two statements about configuring message filters within the Cisco ESA are true? (Choose two.)

  • A. Message filters can be configured only from the CLI.
  • B. The filterconfig command executed from the CLI is used to configure message filters.
  • C. Message filters can be configured only from the web user interface.
  • D. The filters command executed from the CLI is used to configure the message filters.
  • E. Message filters configuration within the web user interface is located within Incoming Content Filters.

Answer: A,D

Explanation:
Reference:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/213940-esa-using-a- message-filter-to-take-act.html


NEW QUESTION # 81
A network administrator is modifying an outgoing mail policy to enable domain protection for the organization. A DNS entry is created that has the public key.
Which two headers will be used as matching criteria in the outgoing mail policy? (Choose two.)

  • A. message-ID
  • B. mail-from
  • C. sender
  • D. from
  • E. URL reputation

Answer: C,D

Explanation:
To enable domain protection for the organization, the administrator must configure an outgoing mail policy that matches the sender and the from headers of the email. The sender header is the envelope sender address that is used by SMTP to route the email. The from header is the address that is displayed to the recipient as the source of the email. These headers are used to generate and verify a DomainKeys Identified Mail (DKIM) signature, which is a cryptographic method of validating the authenticity and integrity of an email message.
The other headers are not relevant for domain protection. The message-ID header is a unique identifier for each email message. The URL reputation header is a score that indicates the likelihood of a URL being malicious. The mail-from header is an alias for the sender header.
Reference:
Domain Protection
DKIM Signing


NEW QUESTION # 82
Which two query types are available when an LDAP profile is configured? (Choose two.)

  • A. proxy consolidation
  • B. user
  • C. group
  • D. recursive
  • E. routing

Answer: C,E


NEW QUESTION # 83
A Cisco Secure Email Gateway appliance is processing many messages that are sent to invalid recipients verification. Which two steps are required to accomplish this task? (Choose two.)

  • A. Enable external LDAP authentication
  • B. Configure incoming mail policy to query LDAP server
  • C. Configure the LDAP query on a listener
  • D. Enable LDAP authentication on a listener
  • E. Configure LDAP server profiles

Answer: C,E

Explanation:
To enable LDAP recipient verification on a Cisco Secure Email Gateway appliance, you need to configure the LDAP query on a listener and configure LDAP server profiles. The LDAP query specifies the criteria for matching recipient addresses against an LDAP directory. The LDAP server profile defines the connection settings and authentication credentials for accessing an LDAP server2. Reference = User Guide for AsyncOS 12.0 for Cisco Email Security Appliances - GD (General Deployment) - Configuring LDAP Queries [Cisco Secure Email Gateway] - Cisco


NEW QUESTION # 84
Users have been complaining of a higher volume of emails containing profanity. The network administrator will need to leverage dictionaries and create specific conditions to reduce the number of inappropriate emails.
Which two filters should be configured to address this? (Choose two.)

  • A. VOF
  • B. spam
  • C. message
  • D. sender group
  • E. content

Answer: C,E

Explanation:
Message filter and content filter are two filters that should be configured to address this issue. Message filter and content filter are rules that allow Cisco ESA to perform actions on messages based on predefined or custom conditions, such as headers, envelope, body, attachments, etc.
To reduce the number of inappropriate emails containing profanity, the network administrator can create a dictionary that contains a list of profane words or phrases and use it as a condition in a message filter or content filter that applies an action of "drop", "quarantine", or "modify subject" on the matching messages.
The other options are not valid filters to address this issue, because they do not use dictionaries or conditions based on message content.


NEW QUESTION # 85
A Cisco Secure Email Gateway administrator must provide outbound email authenticity and configures a DKIM signing profile to handle this task. What is the next step to allow this organization to use DKIM for their outbound email?

  • A. Import the DNS record of the service provider into the Cisco Secure Email Gateway.
  • B. Enable the DKIM service checker
  • C. Export the DNS TXT record to provide to the DNS registrar
  • D. Configure the Trusted Sender Group message authenticity policy.

Answer: C

Explanation:
To use DKIM for outbound email, the administrator must export the DNS TXT record from the Cisco Secure Email Gateway and provide it to the DNS registrar of the domain. This will allow the recipient servers to verify the DKIM signature of the email by querying the DNS record of the sender domain. Reference: [Cisco Secure Email Gateway Administrator Guide - Configuring DKIM Signing]


NEW QUESTION # 86
Which two features are applied to either incoming or outgoing mail policies? (Choose two.)

  • A. application filtering
  • B. sender reputation filtering
  • C. Indication of Compromise
  • D. outbreak filters
  • E. antivirus

Answer: D,E

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/ b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_chapter_01001.html


NEW QUESTION # 87

Refer to the exhibit. What is the correct order of commands to set filter 2 to active?

  • A. filters-> modify-> All-> Active
  • B. filters-> edit-> 2-> Active
  • C. filters-> detail-> 2-> 1
  • D. filters-> set-> 2-> 1

Answer: D


NEW QUESTION # 88
Which two features of Cisco Email Security are added to a Sender Group to protect an organization against email threats? (Choose two.)

  • A. heuristic-based filtering
  • B. senderbase reputation filtering
  • C. geolocation-based filtering
  • D. content disarm and reconstruction
  • E. NetFlow

Answer: A,B


NEW QUESTION # 89
When the Spam Quarantine is configured on the Cisco ESA, what validates end-users via LDAP during login to the End-User Quarantine?

  • A. Spam Quarantine End-User Authentication Query
  • B. Enabling the End-User Safelist/Blocklist feature
  • C. Spam Quarantine Alias Consolidation Query
  • D. Spam Quarantine External Authentication Query

Answer: A

Explanation:
Spam Quarantine End-User Authentication Query is a query that Cisco ESA performs against an LDAP server to validate the end-user credentials during login to the End-User Quarantine.


NEW QUESTION # 90
Which two actions are configured on the Cisco ESA to query LDAP servers? (Choose two.)

  • A. accept
  • B. reject
  • C. relay
  • D. route
  • E. delay

Answer: A,D

Explanation:
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-0/user_guide_fs/ b_ESA_Admin_Guide_11_0/b_ESA_Admin_Guide_chapter_011010.html


NEW QUESTION # 91
Which action is a valid fallback when a client certificate is unavailable during SMTP authentication on Cisco ESA?

  • A. SMTP AUTH
  • B. SMTP TLS
  • C. LDAP BIND
  • D. LDAP Query

Answer: A

Explanation:
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_011011.html


NEW QUESTION # 92
Users have been complaining of a higher volume of emails containing profanity. The network administrator will need to leverage dictionaries and create specific conditions to reduce the number of inappropriate emails.
Which two filters should be configured to address this? (Choose two.)

  • A. spam
  • B. VOF
  • C. message
  • D. sender group
  • E. content

Answer: A,E


NEW QUESTION # 93
A content dictionary was created for use with Forged Email Detection. Proper data that pertains to the CEO Example CEO: <ceo@example com> must be entered. What must be added to the dictionary to accomplish this goal?

  • A. Example CEO
  • B. ceo
  • C. ceo@example com
  • D. example.com

Answer: C

Explanation:
[email protected] is the data that must be added to the dictionary to accomplish this goal. A content dictionary is a list of values that can be used as a condition in a content filter or a message filter. Forged Email Detection is a feature that allows Cisco ESA to detect and prevent email spoofing attacks, where the sender's address or domain is forged to appear as someone else, such as the CEO of the organization.
To create a content dictionary for use with Forged Email Detection on Cisco ESA, the administrator can follow these steps:
Select Mail Policies > Content Dictionaries and click Add Dictionary.
Enter a name and description for the content dictionary, such as CEO Email.
Under Dictionary Values, click Add Value.
Enter the email address of the CEO, such as [email protected].
Click Submit.


NEW QUESTION # 94
......

Pass Your CCNP Security 300-720 Exam on Jan 02, 2024 with 149 Questions: https://www.testvalid.com/300-720-exam-collection.html

300-720 Free Exam Study Guide! (Updated 149 Questions): https://drive.google.com/open?id=1j2DWTmnPBS51wE_at70cRwhsJyfRo1ev