リアルな300-720は100%カバー試験問題をゲット [2023年11月]
問題集まとめ概要は300-720試験問題集はここ
Cisco 300-720試験に合格するには、候補者はCisco Email Security Applianceの異なる機能や機能についての理解を示す必要があります。彼らはまた、電子メールセキュリティに関連する一般的な問題をトラブルシューティングし、電子メールシステムとネットワークを安全にするためのベストプラクティスを適用できる必要があります。さらに、候補者は、SMTP、DKIM、DMARCなどのさまざまな電子メールセキュリティプロトコルや標準について良好な理解を持っている必要があります。
Cisco Email Securityアプライアンスは、高度な電子メールの脅威から組織を保護するのに役立つ強力な電子メールセキュリティソリューションです。アプライアンスは、スパム、ウイルス、マルウェア、フィッシング攻撃に対する保護を提供します。また、データ損失防止や電子メール暗号化などの高度な機能も提供します。 300-720認定試験に合格することにより、この強力な電子メールセキュリティソリューションを構成および管理するために必要なスキルと知識を獲得できます。
質問 # 85
Refer to the exhibit. Which configuration on the scan behavior must be updated to allow the attachment to be scanned on the Cisco ESA?
- A. Add an additional mapping for attachment type for zip files.
- B. Increase the maximum recursion depth from 5 to a larger value.
- C. Increase the maximum attachment size to scan to a larger value.
- D. Enable assume match pattern if the email was not scanned for any reason.
正解:C
解説:
The maximum attachment size to scan is a configuration on the scan behavior that determines the maximum size of an attachment that Cisco ESA will scan for viruses and malware. If an attachment exceeds this size, Cisco ESA will apply the configured action for unscannable messages, such as deliver, drop, or quarantine.
To allow the attachment to be scanned on the Cisco ESA, this configuration must be updated to a larger value than the attachment size, which is 10 MB according to the message header.
The other options are not valid configurations to allow the attachment to be scanned on the Cisco ESA, because they do not affect the maximum attachment size to scan.
質問 # 86
Drag and drop the steps to configure Cisco ESA to use SPF/SIDF verification from the left into the correct order on the right.
正解:
解説:
質問 # 87
When the Spam Quarantine is configured on the Cisco ESA, what validates end-users via LDAP during login to the End-User Quarantine?
- A. Enabling the End-User Safelist/Blocklist feature
- B. Spam Quarantine External Authentication Query
- C. Spam Quarantine End-User Authentication Query
- D. Spam Quarantine Alias Consolidation Query
正解:C
解説:
Spam Quarantine End-User Authentication Query is a query that Cisco ESA performs against an LDAP server to validate the end-user credentials during login to the End-User Quarantine.
質問 # 88
When email authentication is configured on Cisco ESA, which two key types should be selected on the signing profile? (Choose two.)
- A. Symmetric Keys
- B. Private Keys
- C. Public Keys
- D. DKIM
- E. Domain Keys
正解:D、E
質問 # 89
Which default port is used by the Cisco ESA to quarantine the message on the Cisco Security Management Appliance?
- A. port110/TCP
- B. port443/TCP
- C. port4766/UDP
- D. port 6025/TCP
- E. port 25fTCP
正解:D
質問 # 90
Which type of DNS record would contain the following line, which references the DKIM public key per RFC 6376?
v=DKIM1; p=76E629F05F709EF665853333EEC3F5ADE69A2362BECE406582670456943283BE
- A. CNAME
- B. TXT
- C. AAAA
- D. PTR
正解:B
解説:
A TXT record is a type of DNS record that contains arbitrary text data that can be used for various purposes such as verification, configuration, or authentication. A TXT record can contain the DKIM public key per RFC 6376, which is used to verify the digital signature of an email message generated by the DKIM private key of the sender domain.
The other options are not valid because:
A) A CNAME record is a type of DNS record that maps an alias name to a canonical name or another alias name. It does not contain any DKIM public key information.
B) An AAAA record is a type of DNS record that maps a hostname to an IPv6 address. It does not contain any DKIM public key information.
D) A PTR record is a type of DNS record that maps an IP address to a hostname, which is the reverse of an A or AAAA record. It does not contain any DKIM public key information.
質問 # 91
Drag and Drop Question
Drag and drop the AsyncOS methods for performing DMARC verification from the left into the correct order on the right.
正解:
解説:
質問 # 92
Refer to the exhibit. What is the correct order of commands to set filter 2 to active?
- A. filters-> detail-> 2-> 1
- B. filters-> modify-> All-> Active
- C. filters-> set-> 2-> 1
- D. filters-> edit-> 2-> Active
正解:C
解説:
The correct order of commands to set filter 2 to active on the CLI of Cisco ESA is:
filters, which enters the message filter mode.
set, which sets the status of one or more message filters.
2, which specifies the message filter number.
1, which sets the status of message filter 2 to active.
The other options are not valid orders of commands to set filter 2 to active on the CLI of Cisco ESA, because they use incorrect commands or parameters.
質問 # 93
Which two statements about configuring message filters within the Cisco ESA are true? (Choose two.)
- A. The filters command executed from the CLI is used to configure the message filters.
- B. Message filters configuration within the web user interface is located within Incoming Content Filters.
- C. Message filters can be configured only from the web user interface.
- D. Message filters can be configured only from the CLI.
- E. The filterconfig command executed from the CLI is used to configure message filters.
正解:A、D
解説:
Reference:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/213940-esa-using-a- message-filter-to-take-act.html
質問 # 94
A network administrator notices that there are a high number of queries to the LDAP server. The mail logs show an entry "550 Too many invalid recipients | Connection closed by foreign host." Which feature must be used to address this?
- A. SMTP
- B. DHAP
- C. SBRS
- D. LDAP
正解:A
解説:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-
0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_011010.html
質問 # 95
An engineer is tasked with reviewing mail logs to confirm that messages sent from domain abc.com are passing SPF verification and being accepted by the Cisco ESA. The engineer notices that SPF verification is not being performed and that SPF is not being referenced in the logs for messages sent from domain abc.com.
Why is the verification not working properly?
- A. The SPF conformance level is set to SIDF compatible on the Mail Flow Policy.
- B. SPF verification is disabled on the Mail Flow Policy.
- C. An SPF verification Content Filter has not been created.
- D. SPF verification is disabled in the Recipient Access Table.
正解:C
質問 # 96
Which action must be taken before a custom quarantine that is being used can be deleted?
- A. Remove the quarantine from the message action of a filter.
- B. Delete the quarantine that is not assigned to a filter.
- C. Delete only the unused quarantine.
- D. Delete the quarantine that is assigned to a filter.
正解:A
解説:
Before a custom quarantine that is being used can be deleted, it must be removed from the message action of any filter that is using it on Cisco ESA. Otherwise, an error message will appear stating that the quarantine cannot be deleted because it is in use.
質問 # 97
Refer to the exhibit. How should this configuration be modified to stop delivering Zero Day malware attacks?
- A. Configure mailbox auto-remediation.
- B. Change Unscannable Action from Deliver As Is to Quarantine.
- C. Apply Prepend on Modify Message Subject under Malware Attachments.
- D. Change File Analysis Pending action from Deliver As Is to Quarantine.
正解:A
質問 # 98
What is the purpose of checking the CRL during SMTP authentication on a Cisco Secure Email Gateway?
- A. Confirm that corresponding CA is present
- B. Verify the common name matches user ID
- C. Validate the date to check if the certificate is still valid
- D. Check if the certificate is not revoked.
正解:D
解説:
The purpose of checking the Certificate Revocation List (CRL) during SMTP authentication on a Cisco Secure Email Gateway is to check if the certificate is not revoked by the issuing Certificate Authority (CA). A revoked certificate means that it is no longer valid and should not be trusted. Reference = [User Guide for AsyncOS 12.0 for Cisco Email Security Appliances - GD (General Deployment) - Configuring SMTP Authentication [Cisco Secure Email Gateway] - Cisco]
質問 # 99
Which method enables an engineer to deliver a flagged message to a specific virtual gateway address in the most flexible way?
- A. Map the envelope sender address to the host.
- B. Issue the altsrchost command.
- C. Apply a filter on the message.
- D. Set up the interface group with the flag.
正解:C
解説:
A filter is a method that enables an engineer to deliver a flagged message to a specific virtual gateway address in the most flexible way. A filter is a rule that allows Cisco ESA to perform actions on messages based on predefined or custom conditions, such as headers, envelope, body, attachments, etc.
To deliver a flagged message to a specific virtual gateway address using a filter, the engineer can create a content filter or message filter that matches the flag condition and applies an action of "deliver via alternate host" with the virtual gateway address as the parameter.
The other options are not methods that enable an engineer to deliver a flagged message to a specific virtual gateway address in the most flexible way, because they have more limitations or requirements than using a filter.
質問 # 100
What are organizations trying to address when implementing a SPAM quarantine?
- A. false negatives
- B. false positives
- C. true negatives
- D. true positives
正解:B
解説:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_0100000.html#c on_ 1482874
質問 # 101
An email containing a URL passes through the Cisco ESA that has content filtering disabled for all mail policies. The sender is [email protected], the recipients are [email protected], [email protected], [email protected], and [email protected]. The subject of the email is Test Document395898847. An administrator wants to add a policy to ensure that the Cisco ESA evaluates the web reputation score before permitting this email.
Which two criteria must be used by the administrator to achieve this? (Choose two.)
- A. Subject contains Test Document"
- B. Date and time of email
- C. Email does not match [email protected]
- D. Email body contains a URL
- E. Sender matches test1.com
正解:A、D
質問 # 102
A company has recently updated their security policy and now wants to drop all email messages larger than 100 MB coming from external sources. The Cisco Secure Email Gateway is LDAP integrated and all employee accounts are in the group "Employees". Which filter rule configuration provides the desired outcome?
- A. if ('mail-from-group != Employees') and (body-size > 100M) {drop();}
- B. if (mail-from-group == 'Employees') and (body-size > 100M) {bounce();}
- C. if (mail-from-group == 'Employees') and (body-size > "100M") {drop()}
- D. if (mail-from-group != 'Employees') and (body-size > 100M) {drop();}
正解:C
質問 # 103
A network administrator notices that there are a high number of queries to the LDAP server. The mail logs show an entry "550 Too many invalid recipients | Connection closed by foreign host." Which feature must be used to address this?
- A. DHAP
- B. SBRS
- C. SMTP
- D. LDAP
正解:A
解説:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_011010.html DHAP (Directory Harvest Attack Prevention) is a feature that must be used to address this issue. DHAP is a mechanism that allows Cisco ESA to prevent directory harvest attacks, which are attempts by spammers or hackers to obtain valid email addresses from an LDAP server by sending messages with random or guessed recipients and checking for bounce messages.
To enable DHAP on Cisco ESA, the network administrator can follow these steps:
Select Network > Listeners and click Edit Settings for the listener that receives incoming messages.
Under SMTP Authentication Settings, select Enable Directory Harvest Attack Prevention.
Enter a value for Maximum Invalid Recipients per Hour, which is the number of invalid recipients that triggers DHAP.
Enter a value for Block Sender for (hours), which is the duration that Cisco ESA blocks messages from senders who exceed the maximum invalid recipients per hour.
Click Submit.
質問 # 104
When the Cisco ESA is configured to perform antivirus scanning, what is the default timeout value?
- A. 30 seconds
- B. 120 seconds
- C. 90 seconds
- D. 60 seconds
正解:D
解説:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01011.html
質問 # 105
When URL logging is configured on a Cisco ESA, which feature must be enabled first?
- A. antivirus
- B. virus outbreak filter
- C. antispam
- D. senderbase reputation filter
正解:B
解説:
Enabling Logging of URLs and Message Tracking Details for URLs
Logging of URL-related logs, and display of this information in Message Tracking details, is disabled by default. This includes the logs for the following events:
Category of any URL in the message matches the URL category filters
Reputation score of any URL in the message matches URL reputation filters Outbreak Filter rewrites any URL in the message To enable logging of these events, use the outbreakconfig command in the command-line interface (CLI).
https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_chapter_01110.html?bookSearch=true
質問 # 106
......
Cisco 300-720 認定試験の出題範囲:
| トピック | 出題範囲 |
|---|---|
| トピック 1 |
|
| トピック 2 |
|
| トピック 3 |
|
| トピック 4 |
|
| トピック 5 |
|
| トピック 6 |
|
| トピック 7 |
|
| トピック 8 |
|
| トピック 9 |
|
| トピック 10 |
|
認定トレーニングは300-720試験問題集テストエンジン:https://jp.fast2test.com/300-720-premium-file.html
300-720トレーニングと認定最新のCCNP Security問題をゲットせよ:https://drive.google.com/open?id=1muAa50SZMvT2mr6Sw3odB7VIFmxr8QNP