2023 Valid 300-720 Real Exam Questions, practice CCNP Security
Latest Success Metrics For Actual 300-720 Exam (Updated 149 Questions)
Cisco 300-720 exam is intended for professionals who work in the field of network security and have experience with Cisco Email Security Appliance technologies. 300-720 exam is a 90-minute test that consists of multiple-choice questions, drag-and-drop questions, and simulations. To pass the exam, candidates must demonstrate their knowledge and skills in securing email with Cisco Email Security Appliance technologies.
NEW QUESTION # 61
Drag and drop the steps to configure Cisco ESA to use SPF/SIDF verification from the left into the correct order on the right.
Answer:
Explanation:
NEW QUESTION # 62
Which cloud service provides a reputation verdict for email messages based on the sender domain and other attributes?
- A. Cisco Talos
- B. Cisco Secure Cloud Analytics
- C. Cisco Secure Email Threat Defense
- D. Cisco AppDynamics
Answer: A
Explanation:
Cisco Talos is a cloud service that provides a reputation verdict for email messages based on the sender domain and other attributes such as IP address, sender behavior, message content, and attachment analysis. Cisco Talos is integrated with Cisco Secure Email Gateway and provides real-time threat intelligence and protection against spam, phishing, malware, and other email-borne threats.
The other options are not valid because:
A) Cisco AppDynamics is a cloud service that provides application performance monitoring and optimization for enterprise applications. It does not provide reputation verdicts for email messages.
B) Cisco Secure Email Threat Defense is a cloud service that provides visibility and remediation capabilities for email threats detected by Cisco Secure Email Gateway. It does not provide reputation verdicts for email messages.
C) Cisco Secure Cloud Analytics is a cloud service that provides network visibility and threat detection for cloud environments. It does not provide reputation verdicts for email messages.
NEW QUESTION # 63
Which ESA function maintains a set of rules that control incoming connections from remote hosts for a listener?
- A. VEST
- B. RAT
- C. LDAP
- D. Sender group
- E. HAT
Answer: E
NEW QUESTION # 64
Which feature must be configured before an administrator can use the outbreak filter for nonviral threats?
- A. data loss prevention
- B. quarantine threat level
- C. antivirus
- D. antispam
Answer: D
Explanation:
The feature that must be configured before an administrator can use the outbreak filter for nonviral threats is antispam. The outbreak filter relies on the antispam engine to detect and block nonviral threats, such as phishing, malware, or spam campaigns. You need to enable antispam scanning and configure the antispam settings before you can use the outbreak filter.
NEW QUESTION # 65
An organization wants to designate help desk personnel to assist with tickets that request the release of messages from the spam quarantine because company policy does not permit direct end-user access to the quarantine. Which two roles must be used to allow help desk personnel to release messages while restricting their access to make configuration changes in the Cisco Secure Email Gateway? (Choose two.)
- A. Technician
- B. Administrator
- C. Help Desk User
- D. Quarantine Administrator
- E. Read-Only Operator
Answer: C,D
Explanation:
All users with administrator privileges can change spam quarantine settings and view and manage messages in the spam quarantine. You do not need to configure spam quarantine access for administrator users.
If you configure access to the spam quarantine for users with the following roles, they can view, release, and delete messages in the spam quarantine:
-Operator
-Read-only operator
-Help desk user
-Guest
-Custom user roles that have spam quarantine privileges
These users cannot access spam quarantine settings.
https://www.cisco.com/c/en/us/td/docs/security/esa/esa14-0/user_guide/b_ESA_Admin_Guide_14-0/b_ESA_Admin_Guide_12_1_chapter_0100000.html?bookSearch=true#con_1624156
NEW QUESTION # 66
An administrator is trying to enable centralized PVO but receives the error, "Unable to proceed with Centralized Policy, Virus and Outbreak Quarantines configuration as esa1 in Cluster has content filters / DLP actions available at a level different from the cluster level." What is the cause of this error?
- A. DLP is configured at the domain-level on esa1.
- B. DLP is not configured on host1.
- C. DLP is configured at the cluster-level on esa2.
- D. Content filters are configured at the machine-level on esa1.
Answer: B
Explanation:
The PVO cannot be enabled and shows this type of error message.
Unable to proceed with Centralized Policy, Virus and Outbreak Quarantines configuration as host1 and host2 in Cluster have content filters / DLP actions available at a level different from the cluster Level.
The error message can indicate that one of the hosts does not have a DLP feature key applied and DLP is disabled. The solution is to add the missing feature key and apply DLP settings identical as on the host that has the feature key applied. This feature key inconsistency might have the same effect with Outbreak Filters, Sophos Antivirus, and other feature keys.
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118026-technote-esa-00.html
NEW QUESTION # 67
A content dictionary was created for use with Forged Email Detection. Proper data that pertains to the CEO Example CEO: <ceo@example com> must be entered. What must be added to the dictionary to accomplish this goal?
- A. Example CEO
- B. ceo@example com
- C. example.com
- D. ceo
Answer: B
Explanation:
[email protected] is the data that must be added to the dictionary to accomplish this goal. A content dictionary is a list of values that can be used as a condition in a content filter or a message filter. Forged Email Detection is a feature that allows Cisco ESA to detect and prevent email spoofing attacks, where the sender's address or domain is forged to appear as someone else, such as the CEO of the organization.
To create a content dictionary for use with Forged Email Detection on Cisco ESA, the administrator can follow these steps:
Select Mail Policies > Content Dictionaries and click Add Dictionary.
Enter a name and description for the content dictionary, such as CEO Email.
Under Dictionary Values, click Add Value.
Enter the email address of the CEO, such as [email protected].
Click Submit.
NEW QUESTION # 68
Which two query types are available when an LDAP profile is configured? (Choose two.)
- A. routing
- B. proxy consolidation
- C. group
- D. user
- E. recursive
Answer: A,C
Explanation:
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_011010.html
NEW QUESTION # 69
Email encryption is configured on a Cisco ESA that uses CRES.
Which action is taken on a message when CRES is unavailable?
- A. It is encrypted by a Cisco encryption appliance.
- B. It is sent in clear text.
- C. It is dropped and an error message is sent to the sender.
- D. It is requeued.
Answer: B
NEW QUESTION # 70
Which default port is used by the Cisco ESA to quarantine the message on the Cisco Security Management Appliance?
- A. port4766/UDP
- B. port443/TCP
- C. port110/TCP
- D. port 6025/TCP
- E. port 25fTCP
Answer: D
NEW QUESTION # 71
A company has deployed a new mandate that requires all emails sent externally from the Sales Department to be scanned by DLP for PCI-DSS compliance. A new DLP policy has been created on the Cisco ESA and needs to be assigned to a mail policy named 'Sales' that has yet to be created.
Which mail policy should be created to accomplish this task?
- A. Incoming Mail Flow Policy
- B. Preliminary Mail Policy
- C. Outgoing Mail Policy
- D. Outgoing Mail Flow Policy
Answer: C
Explanation:
Outgoing Mail Policy is a mail policy that should be created to accomplish this task. Outgoing Mail Policy is a set of rules that determine how outgoing messages are processed by Cisco ESA, including whether to apply DLP scanning or not.
To create an Outgoing Mail Policy named 'Sales' and assign a DLP policy to it, the administrator can follow these steps:
Select Mail Policies > Outgoing Mail Policies and click Add Policy.
Enter 'Sales' as the policy name and click Submit.
Select 'Sales' from the list of policies and click Edit Settings.
Under Data Loss Prevention, select Enable Data Loss Prevention Scanning and choose the DLP policy from the drop-down menu.
Click Submit.
The other options are not valid mail policies to accomplish this task, because they do not apply to outgoing messages or DLP scanning.
NEW QUESTION # 72
Refer to the exhibit.
A network engineer must set up a content filter to find any messages that failed SPF and send them into quarantine The content filter has been set up and enabled, but all messages except those that have failed SPF are being sent into quarantine. Which section of the filter must be modified to correct this behavior?
- A. spf-status
- B. skip-filters
- C. quarantine
- D. log-entry
Answer: A
Explanation:
spf-status is the section of the filter that must be modified to correct this behavior. spf-status is a condition that determines whether a message matches the content filter rule based on the result of SPF verification, such as pass, fail, neutral, etc.
The content filter in the exhibit has a spf-status condition set to "Pass", which means that it will match messages that passed SPF verification and apply the action of "Quarantine". This is the opposite of what the network engineer intended to do.
To correct this behavior, the network engineer can modify the spf-status condition to "Fail", which means that it will match messages that failed SPF verification and apply the action of "Quarantine".
The other options are not valid sections of the filter that must be modified to correct this behavior, because they do not affect the spf-status condition.
NEW QUESTION # 73
Which suboption must be selected when LDAP is configured for Spam Quarantine End-User Authentication?
- A. Designate as the active query
- B. Update Frequency
- C. Server Priority
- D. Entity ID
Answer: A
NEW QUESTION # 74
What is the default port to deliver emails from the Cisco ESA to the Cisco SMA using the centralized Spam Quarantine?
- A. 0
- B. 1
- C. 2
- D. 3
Answer: B
NEW QUESTION # 75
Drag and Drop Question
Drag and drop the AsyncOS methods for performing DMARC verification from the left into the correct order on the right.
Answer:
Explanation:
NEW QUESTION # 76
Which of the following types of DNS records deals with mail delivery for a specific domain?
- A. A
- B. PTR
- C. TXT
- D. MX
Answer: D
NEW QUESTION # 77
Drag and drop the steps to configure Cisco ESA to use SPF/SIDF verification from the left into the correct order on the right.
Answer:
Explanation:
NEW QUESTION # 78
What is the default HTTPS port when configuring spam quarantine on Cisco ESA?
- A. 0
- B. 1
- C. 2
- D. 3
Answer: D
Explanation:
in the spam quarantine section, you can configure settings for access to the spam quarantine, and by default, HTTP uses port 82 and HTTPS uses port 83.
NEW QUESTION # 79
......
Cisco 300-720 certification exam is designed for IT professionals who are interested in securing email with Cisco Email Security Appliance. Securing Email with Cisco Email Security Appliance certification is suitable for individuals who want to gain the necessary knowledge and skills required to configure, manage, and troubleshoot Cisco Email Security Appliances.
Genuine 300-720 Exam Dumps Free Demo Valid QA's: https://www.pass4surequiz.com/300-720-exam-quiz.html
Printable & Easy to Use CCNP Security 300-720 Dumps 100% Same Q&A In Your Real Exam: https://drive.google.com/open?id=1RnT8mvkNA8oZXMtnvpiliBThKmLlNR5A