Page: 1
/ 4
Total 64 questions
How does the graymail safe unsubscribe feature function?
- A. It strips the malicious content of the URI before unsubscribing.
- B. It checks the URI reputation and category and allows the content filter to take an action on it.
- C. It redirects the end user who clicks the unsubscribe button to a sandbox environment to allow a safe unsubscribe.
- D. It checks the reputation of the URI and performs the unsubscribe process on behalf of the end user.
Answer : D
Reference:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/200383-Graymail-Detection-and-Safe-Unsubscribin.html
Which method enables an engineer to deliver a flagged message to a specific virtual gateway address in the most flexible way?
- A. Set up the interface group with the flag.
- B. Issue the altsrchost command.
- C. Map the envelope sender address to the host.
- D. Apply a filter on the message.
Answer : B
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/b_ESA_Admin_Guide_11_1/ b_ESA_Admin_Guide_chapter_01000.html#con_1133810
An administrator is trying to enable centralized PVO but receives the error, "Unable to proceed with Centralized Policy, Virus and Outbreak Quarantines configuration as esa1 in Cluster has content filters / DLP actions available at a level different from the cluster level."
What is the cause of this error?
- A. Content filters are configured at the machine-level on esa1.
- B. DLP is configured at the cluster-level on esa2.
- C. DLP is configured at the domain-level on esa1.
- D. DLP is not configured on host1.
Answer : D
Reference:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118026-technote-esa-00.html
Which feature must be configured before an administrator can use the outbreak filter for nonviral threats?
- A. quarantine threat level
- B. antispam
- C. data loss prevention
- D. antivirus
Answer : B
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01110.html
Which type of attack is prevented by configuring file reputation filtering and file analysis features?
- A. denial of service
- B. zero-day
- C. backscatter
- D. phishing
Answer : B
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/ b_ESA_Admin_Guide_chapter_010000.html#con_1809885
When DKIM signing is configured, which DNS record must be updated to load the DKIM public signing key?
- A. AAAA record
- B. PTR record
- C. TXT record
- D. MX record
Answer : C
Reference:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/213939-esa-configure-dkim-signing.html
Which attack is mitigated by using Bounce Verification?
- A. spoof
- B. denial of service
- C. eavesdropping
- D. smurf
Answer : B
Reference:
https://www.networkworld.com/article/2305394/ironport-adds-bounce-back-verification-for-e-mail.html
When outbreak filters are configured, which two actions are used to protect users from outbreaks? (Choose two.)
- A. redirect
- B. return
- C. drop
- D. delay
- E. abandon
Answer : AD
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01110.html
Which two features are applied to either incoming or outgoing mail policies? (Choose two.)
- A. Indication of Compromise
- B. application filtering
- C. outbreak filters
- D. sender reputation filtering
- E. antivirus
Answer : CE
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_chapter_01001.html
What must be configured to allow the Cisco ESA to encrypt an email using the Cisco Registered Envelope Service?
- A. provisioned email encryption profile
- B. message encryption from a content filter that select "Message Encryption" over TLS
- C. message encryption from the mail flow policies with "CRES" selected
- D. content filter to forward the email to the Cisco Registered Envelope server
Answer : B
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_010010.html
Which two configurations are used on multiple LDAP servers to connect with Cisco ESA? (Choose two.)
- A. load balancing
- B. SLA monitor
- C. active-standby
- D. failover
- E. active-active
Answer : AD
Explanation:
You can enter multiple host names to configure the LDAP servers for failover or load-balancing. Separate multiple entries with commas.
Reference:
https://www.cisco.com/c/en/us/td/docs/security/ces/user_guide/sma_user_guide/b_SMA_Admin_Guide_ces_11/ b_SMA_Admin_Guide_chapter_01010.html
What is the default port to deliver emails from the Cisco ESA to the Cisco SMA using the centralized Spam Quarantine?
- A. 8025
- B. 6443
- C. 6025
- D. 8443
Answer : C
Reference:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118692-configure-esa-00.html
DRAG DROP -
Drag and drop the AsyncOS methods for performing DMARC verification from the left into the correct order on the right.
Select and Place:
Answer :
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_11_1_chapter_010101.html
Which two steps are needed to disable local spam quarantine before external quarantine is enabled? (Choose two.)
- A. Uncheck the Enable Spam Quarantine check box.
- B. Select Monitor and click Spam Quarantine.
- C. Check the External Safelist/Blocklist check box.
- D. Select External Spam Quarantine and click on Configure.
- E. Select Security Services and click Spam Quarantine.
Answer : AB
Reference:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118555-qa-esa-00.html
(configuration summary)