New 2023 300-720 Dumps for CCNP Security Certified Exam Questions & Answer [Q50-Q74]

Share

New 2023 300-720 Dumps for CCNP Security Certified Exam Questions and Answer

Realistic Verified 300-720 exam dumps Q&As - 300-720 Free Update

NEW QUESTION 50
Which method enables an engineer to deliver a flagged message to a specific virtual gateway address in the most flexible way?

  • A. Apply a filter on the message.
  • B. Set up the interface group with the flag.
  • C. Map the envelope sender address to the host.
  • D. Issue the altsrchost command.

Answer: D

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/ b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_chapter_01000.html#con_1133810

 

NEW QUESTION 51
Drag and drop the Cisco ESA reactions to a possible DLP from the left onto the correct action types on the right.

Answer:

Explanation:

 

NEW QUESTION 52
Which two action types are performed by Cisco ESA message filters? (Choose two.)

  • A. non-final actions
  • B. discard actions
  • C. filter actions
  • D. final actions
  • E. quarantine actions

Answer: A,D

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/ b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_chapter_01000.html

 

NEW QUESTION 53
Which SMTP extension does Cisco ESA support for email security?

  • A. UTF8SMTP
  • B. ETRN
  • C. STARTTLS
  • D. PIPELINING

Answer: C

Explanation:
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_011000.html

 

NEW QUESTION 54
What is the order of virus scanning when multilayer antivirus scanning is configured?

  • A. The McAfee engine scans for viruses first and the Sophos engine scans for viruses second.
  • B. The default engine scans for viruses first and the McAfee engine scans for viruses second.
  • C. The Sophos engine scans for viruses first and the McAfee engine scans for viruses second.
  • D. The McAfee engine scans for viruses first and the default engine scans for viruses second.

Answer: A

Explanation:

https://www.cisco.com/c/en/us/td/docs/security/esa/esa13-
0/user_guide/b_ESA_Admin_Guide_13-0.pdf P.402

 

NEW QUESTION 55
Which Cisco ESA security service is configured only through an outgoing mail policy?

  • A. antivirus
  • B. Outbreak Filters
  • C. DLP
  • D. AMP
    Reference https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-0/user_guide_fs/ b_ESA_Admin_Guide_11_0/b_ESA_Admin_Guide_chapter_01001.html

Answer: C

 

NEW QUESTION 56
Which benefit does enabling external spam quarantine on Cisco SMA provide?

  • A. ability to consolidate spam quarantine data from multiple Cisco ESA to one central console
  • B. ability to back up spam quarantine from multiple Cisco ESAs to one central console
  • C. ability to scan messages by using two engines to increase a catch rate
  • D. access to the spam quarantine interface on which a user can release, duplicate, or delete

Answer: A

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/security_management/sma/sma11-0/user_guide/ b_SMA_Admin_Guide/b_SMA_Admin_Guide_chapter_010101.html

 

NEW QUESTION 57
Which benefit does enabling external spam quarantine on Cisco SMA provide?

  • A. ability to consolidate spam quarantine data from multiple Cisco ESA to one central console
  • B. ability to back up spam quarantine from multiple Cisco ESAs to one central console
  • C. ability to scan messages by using two engines to increase a catch rate
  • D. access to the spam quarantine interface on which a user can release, duplicate, or delete

Answer: A

 

NEW QUESTION 58
Which two Cisco ESA features are used to control email delivery based on the sender? (Choose two.)

  • A. safelists
  • B. outbreak filter
  • C. incoming mail policies
  • D. blocklists
  • E. spam quarantine

Answer: A,D

 

NEW QUESTION 59
DRAG DROP
Drag and drop the AsyncOS methods for performing DMARC verification from the left into the correct order on the right.
Select and Place:

Answer:

Explanation:

Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/b_ESA_Admin_Guide_11_1/ b_ESA_Admin_Guide_11_1_chapter_010101.html

 

NEW QUESTION 60
What are two primary components of content filters? (Choose two.)

  • A. content
  • B. conditions
  • C. policies
  • D. actions
  • E. subject

Answer: B,D

Explanation:
Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/security/ces/user_guide/esa_user_guide_11-1/ b_ESA_Admin_Guide_ces_11_1/b_ESA_Admin_Guide_chapter_01010.pdf

 

NEW QUESTION 61
Which two features are applied to either incoming or outgoing mail policies? (Choose two.)

  • A. sender reputation filtering
  • B. antivirus
  • C. application filtering
  • D. Indication of Compromise
  • E. outbreak filters

Answer: B,E

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/ b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_chapter_01001.html

 

NEW QUESTION 62
Refer to the exhibit.

Which SPF record is valid for mycompany.com?

  • A. v=spf1 a mx ip4:199.209.31.2 -all
  • B. v=spf1 a mx ip4:199.209.31.21 -all
  • C. v=spf1 a mx ip4:10.1.10.23 -all
  • D. v=spf1 a mx ip4:172.16.18.230 -all

Answer: D

 

NEW QUESTION 63
A network administrator notices that there are a high number of queries to the LDAP server. The mail logs show an entry "550 Too many invalid recipients | Connection closed by foreign host." Which feature must be used to address this?

  • A. LDAP
  • B. SMTP
  • C. SBRS
  • D. DHAP

Answer: B

 

NEW QUESTION 64
Refer to the exhibit. What is the correct order of commands to set filter 2 to active?

  • A. filters-> detail-> 2-> 1
  • B. filters-> edit-> 2-> Active
  • C. filters-> modify-> All-> Active
  • D. filters-> set-> 2-> 1

Answer: D

 

NEW QUESTION 65
A Cisco ESA administrator has noticed that new messages being sent to the Centralized Policy Quarantine are being released after one hour. Previously, they were being held for a day before being released.
What was configured that caused this to occur?

  • A. The threshold settings were set to default.
  • B. The threshold settings were set to override the clock settings.
  • C. The retention period was set to default.
  • D. The retention period was changed to one hour.

Answer: A

 

NEW QUESTION 66
Which process is skipped when an email is received from safedomain.com, which is on the safelist?

  • A. outbreak filter
  • B. antispam scanning
  • C. antivirus scanning
  • D. message filter

Answer: B

Explanation:


https://www.cisco.com/c/en/us/td/docs/security/esa/esa13-0/user_guide/b_ESA_Admin_Guide_13-0.pdf P.978
https://www.cisco.com/c/en/us/td/docs/security/esa/esa13-0/user_guide/b_ESA_Admin_Guide_13-0.pdf P.123

 

NEW QUESTION 67

Refer to the exhibit. How should this configuration be modified to stop delivering Zero Day malware attacks?

  • A. Apply Prepend on Modify Message Subject under Malware Attachments.
  • B. Configure mailbox auto-remediation.
  • C. Change Unscannable Action from Deliver As Is to Quarantine.
  • D. Change File Analysis Pending action from Deliver As Is to Quarantine.

Answer: B

 

NEW QUESTION 68
Which scenario prevents a message from being sent to the quarantine as an action in the scan behavior on Cisco ESA?

  • A. The "add custom header" action is performed first.
  • B. The "modify the message subject" is already set.
  • C. More than one email pipeline is defined.
  • D. A policy quarantine is missing.

Answer: C

 

NEW QUESTION 69
When outbreak filters are configured, which two actions are used to protect users from outbreaks?
(Choose two.)

  • A. drop
  • B. return
  • C. redirect
  • D. abandon
  • E. delay

Answer: C,E

Explanation:
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01110.html

 

NEW QUESTION 70
Which attack is mitigated by using Bounce Verification?

  • A. denial of service
  • B. smurf
  • C. eavesdropping
  • D. spoof

Answer: A

Explanation:
Explanation/Reference: https://www.networkworld.com/article/2305394/ironport-adds-bounce-back-verification-for-e- mail.html

 

NEW QUESTION 71
Refer to the exhibit. An engineer is trying to connect to a Cisco ESA using SSH and has been unsuccessful. Upon further inspection, the engineer notices that there is a loss of connectivity to the neighboring switch.

Which connection method should be used to determine the configuration issue?

  • A. serial
  • B. Telnet
  • C. HTTPS
  • D. Ethernet

Answer: A

 

NEW QUESTION 72
Refer to the exhibits. What must be done to enforce end user authentication before accessing quarantine?

  • A. Enable SPAM Quarantine Notification and add the %quarantine_url% variable.
  • B. Change the end user quarantine access setting from None authentication to Mailbox.
  • C. Enable SPAM notification and use LDAP for authentication.
  • D. Change the end user quarantine access from None authentication to SAAS.

Answer: C

Explanation:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118692-configure- esa-00.html#anc7

 

NEW QUESTION 73
What are two phases of the Cisco ESA email pipeline? (Choose two.)

  • A. delivery
  • B. reject
  • C. workqueue
  • D. quarantine
  • E. action

Answer: A,C

 

NEW QUESTION 74
......

Use Real 300-720 Dumps - 100% Free 300-720 Exam Dumps: https://www.pass4surequiz.com/300-720-exam-quiz.html

300-720 Exam Dumps, Test Engine Practice Test Questions: https://drive.google.com/open?id=1RnT8mvkNA8oZXMtnvpiliBThKmLlNR5A