2024年最新のお手軽に合格させる300-720試験にはこちらが提供する問題集PDFテストエンジン
300-720のPDFで合格させるスゴ問題集で300-720最新のリアル試験問題
質問 # 42
When the Spam Quarantine is configured on the Cisco ESA, what validates end-users via LDAP during login to the End-User Quarantine?
- A. Spam Quarantine End-User Authentication Query
- B. Spam Quarantine Alias Consolidation Query
- C. Spam Quarantine External Authentication Query
- D. Enabling the End-User Safelist/Blocklist feature
正解:A
解説:
Explanation/Reference: https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118692- configure-esa-00.html
質問 # 43
What must be configured to allow the Cisco ESA to encrypt an email using the Cisco Registered Envelope Service?
- A. provisioned email encryption profile
- B. message encryption from a content filter that select "Message Encryption" over TLS
- C. message encryption from the mail flow policies with "CRES" selected
- D. content filter to forward the email to the Cisco Registered Envelope server
正解:A
解説:
To allow the Cisco ESA to encrypt an email using the CRES (Cisco Registered Envelope Service), a provisioned email encryption profile must be configured on Cisco ESA. A provisioned email encryption profile is a type of encryption profile that specifies how messages are encrypted using CRES, such as the encryption key strength, the notification options, the branding settings, etc.
質問 # 44
To comply with a recent audit, an engineer must configure anti-virus message handling options on the incoming mail policies to attach warnings to the subject of an email.
What should be configured to meet this requirement for known viral emails?
- A. Positively Identified Messages
- B. Encrypted Messages
- C. Virus Infected Messages
B Unscannable Messages
正解:A
質問 # 45
Which action on the Cisco ESA provides direct access to view the safelist/blocklist?
- A. Export the SLBL to a .csv file.
- B. Show the SLBL cache on the CLI.
- C. Debug the mail flow policy.
- D. Monitor Incoming/Outgoing Listener.
正解:A
解説:
Reference:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/117922-technote- esa-00.html
質問 # 46
Which components are required when encrypting SMTP with TLS on a Cisco Secure Email Gateway appliance when the sender requires TLS verification?
- A. X. 509 certificate and matching private key from a CA
- B. self-signed certificate in PKCS#7 format
- C. DER certificate and matching public key from a CA
- D. self-signed certificate in PKCS#12 format
正解:A
解説:
To encrypt SMTP with TLS on a Cisco Secure Email Gateway appliance when the sender requires TLS verification, the components that are required are an X.509 certificate and matching private key from a CA. The certificate must be signed by a trusted CA and contain the domain name or IP address of the listener in the Subject or Subject Alternative Name fields. The private key must be unencrypted and match the certificate. Reference: [Cisco Secure Email Gateway Administrator Guide - Configuring TLS]
質問 # 47
Which type of query must be configured when setting up the Spam Quarantine while merging notifications?
- A. Spam Quarantine Alias Masquerading Query
- B. Spam Quarantine Alias Authentication Query
- C. Spam Quarantine Alias Routing Query
- D. Spam Quarantine Alias Consolidation Query
正解:D
質問 # 48
Which two query types are available when an LDAP profile is configured? (Choose two.)
- A. proxy consolidation
- B. routing
- C. user
- D. group
- E. recursive
正解:B、D
解説:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_011010.html
質問 # 49
An Encryption Profile has been set up on the Cisco ESA.
Drag and drop the steps from the left for creating an outgoing content filter to encrypt emails that contains the subject "Secure:" into the correct order on the right.
正解:
解説:

質問 # 50
Which two steps configure Forged Email Detection? (Choose two.)
- A. Enable Forged Email Detection on the Security Services page.
- B. Configure a content dictionary with friendly names.
- C. Configure a content dictionary with executive email addresses.
- D. Configure a filter to use the Forged Email Detection rule and dictionary.
- E. Configure a filter to check the Header From value against the Forged Email Detection dictionary.
正解:C、D
質問 # 51
How does the graymail safe unsubscribe feature function?
- A. It checks the URI reputation and category and allows the content filter to take an action on it.
- B. It checks the reputation of the URI and performs the unsubscribe process on behalf of the end user.
- C. It redirects the end user who clicks the unsubscribe button to a sandbox environment to allow a safe unsubscribe.
- D. It strips the malicious content of the URI before unsubscribing.
正解:B
解説:
Explanation/Reference: https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/200383- Graymail-Detection-and-Safe-Unsubscribin.html
質問 # 52
An administrator is managing multiple Cisco ESA devices and wants to view the quarantine emails from all devices in a central location.
How is this accomplished?
- A. Disable the VOF feature before sending SPAM to the external quarantine.
- B. Configure a user policy to determine whether the message is sent to the local or external quarantine.
- C. Configure a mail policy to determine whether the message is sent to the local or external quarantine.
- D. Disable the local quarantine before sending SPAM to the external quarantine.
正解:C
解説:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-
0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_0100000.html#t ask _1749146
質問 # 53
Which two components form the graymail management solution in Cisco ESA? (Choose two.)
- A. improved mail efficacy
- B. cloud-based unsubscribe service
- C. uniform unsubscription management interface for end users
- D. integrated graymail scanning engine
- E. secure subscribe option for end users
正解:B、D
解説:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01101.pdf (p.2)
質問 # 54
An engineer deploys a Cisco Secure Email Gateway appliance with default settings in an organization that permits only standard H feature does not work. Which additional action resolves the issue?
- A. Configure the outbound firewall rule to permit traffic on port 3237
- B. Enable the Use HTTP option under Advanced Settings for File Reputation.
- C. TP/HTTPS ports outbound and notices that the AMP file reputation
- D. Enable the Use SSL option under Advanced Settings for File Reputation.
- E. Configure the outbound firewall rule to permit traffic on port 8081
正解:C
解説:
Configuring the outbound firewall rule to permit traffic on port 3237 is the additional action that resolves the issue. AMP file reputation is a feature that allows Cisco ESA to check files attached to messages against a cloud-based database of known malicious files and apply appropriate actions, such as block, deliver, or quarantine.
By default, AMP file reputation uses TCP port 3237 to communicate with the cloud-based database. If this port is blocked by a firewall, AMP file reputation will not work properly.
To resolve this issue, the administrator can configure the outbound firewall rule to permit traffic on port 3237 from Cisco ESA.
The other options are not valid actions to resolve the issue, because they do not affect the port used by AMP file reputation.
質問 # 55
When the Cisco ESA is configured to perform antivirus scanning, what is the default timeout value?
- A. 60 seconds
- B. 30 seconds
- C. 90 seconds
- D. 120 seconds
正解:A
質問 # 56
When the Cisco ESA is configured to perform antivirus scanning, what is the default timeout value?
- A. 60 seconds
- B. 30 seconds
- C. 90 seconds
- D. 120 seconds
正解:A
解説:
When Cisco ESA is configured to perform antivirus scanning, the default timeout value is 60 seconds, which means that Cisco ESA will wait for 60 seconds for the antivirus engine to scan a message before applying the configured action for unscannable messages, such as deliver, drop, or quarantine.
質問 # 57
......
Cisco 300-720認定試験は、Cisco Email Securityアプライアンスを使用して電子メールを保護する際にIT専門家の知識とスキルをテストするように設計されています。この認定試験は、Cisco Email Securityアプライアンスを使用して電子メールセキュリティソリューションの設計、実装、および管理に関与している人を対象としています。この認定試験の合格は、電子メールの保護に関する専門知識の検証です。これは、組織のセキュリティ戦略の重要な要素です。
300-720問題集はあなたの合格を必ず保証します:https://jp.fast2test.com/300-720-premium-file.html
有効な300-720テスト解答300-720試験PDF:https://drive.google.com/open?id=1efhzntR7i0-xBf3WZFmUgP_q5yx_Nemn