Free Cisco 300-720 Practice Exam with Questions & Answers | Set: 5

Outbreak Filters can take the action of rewriting URLs to redirect traffic to potentially harm ful websites through a web security proxy. This allows the Cisco Secure Email Gateway to scan the content of the websites and block or warn the user if they are malicious or undesirable. This action can stop small-scale and nonviral attacks, such as phishi ng scams and malware distribution sites, that may not be detected by other filters.  References : [Cisco Secure Email Gateway Administrator Guide - Configuring Outbreak Filters]

Modify Subject is an additional option that should be used to help the end users be aware of the elevated risk of interacting with these messages. Modify Subject allows the administrator to add a prefix or suffix to the message subject, such as “[SPF Fail]”, to indicate that the message has failed the SPF verification and may be fraudulent or spoofed.

The other options are not valid additional options to help the end users be aware of the elevated risk of interacting with these messages, because they do not affect the message subject or provide any warning to the end users.

If you are unable to access the user interface of the Cisco Secure Email Gateway appliance after manipulating the subnet mask, you can use the serial or console port to perform the initial configuration.  The serial or console port provides a command-line interface that allows you to configure basic network settings such as IP address, subnet mask, gateway, and hostname 3 . References =  User Guide for AsyncOS 12.0 for Cisco Email Security Appli ances - GD (General Deployment) - Configuring Network Settings [Cisco Secure Email Gateway] - Cisco

When DKIM (DomainKeys Identified Mail) signing is configured on Cisco ESA, the DNS record that must be updated to load the DKIM public signing key is the TXT record. The TXT record is used to store arbitrary text information in the DNS, such as the DKIM public key, which can be retrieved by the recipients to verify the DKIM signature in the message header.

The default behavior of any listener for TLS communication is B. off. This means that TLS is not allowed for incoming connections to the listener and connection s to the listener do not require encrypted Simple Mail Transfer Protocol (SMTP) conversations. This is stated in the web search result  1 .  To enable TLS for a listener, you need to configure the Use TLS option in the mail flow policy settings for the listener on the Mail P olicies > HAT Overview page 1 .  You can choose from three different settings for TLS: No, Preferred, or Required 1 .

The type of attack that is prevented by configuring file reputation filtering and file analysis features is zero-day. Zero-day attacks are those that exploit unknown vulnerabilities in software or systems before they are patched or fixed. File reputation filtering and file analysis features help to protect against zero-day attacks by checking the reputation of files attached to email messages and sending them to a cloud-based service for dynamic analysis.

Step 1: Select Microsoft O365 as the message source.

Step 2: Set the Microsoft 365 Authentication to Read (visibility only, no remediation).

Step 3: Log in with a Microsoft 365 Global Admin account.

Step 4: Accept the permissions requested for the Secure Email Threat Defense app.

Public/Private keypair. A public/private keypair is a pair of cryptographic keys that are used to generate and verify digital signatures. The private key is used to sign the email message, while the public key is used to verify the signature. The public ke y is published in a DNS record, while the private key is stored on the Cisco Secure Email Gateway appliance[ 1 , p. 2].

Domain signing profile. A domain signing profile is a configuration that specifies the domain and selector to use for signing outgoing mes sages, as well as the signing algorithm, canonicalization method, and header fields to include in the signature. You can create multiple domain signing profiles for different domains or subdomains[ 1 , p. 3].

The other options are not valid because:

A. DMARC verification profile is not a component for utilizing a digital signature in outgoing emails. It is a component for verifying the authenticity of incoming emails based on SPF and DKIM results[ 2 , p. 1].

B. SPF record is not a component for utilizing a digi tal signature in outgoing emails. It is a component for validating the sender IP address of incoming emails based on a list of authorized IP addresses published in a DNS record[ 3 , p. 1].

E. PKI certificate is not a component for utilizing a digital signatu re in outgoing emails. It is a component for encrypting and decrypting email messages based on a certificate authority that issues and validates certificates[ 4 , p. 1].

Accept is the action that must be set for messages that result in temporary failure to prevent these emails from being rejected. Accept allows Cisco ESA to deliver the messages without applying any DMARC actions or modifications.

To configure the accept action for messages that result in temporary failure on Cisco ESA, the administrator can follow these steps:

Select Mail Policies > DMARC Verification Profile and click Edit Settings for the DMARC verification profile that applies to the messages.

Under DMARC Actions, select Accept from the drop-down menu for Messages That Result in Temporary Failure.

Click Submit.

The other options are not valid actions for messages that result in temporary failure to prevent these emails from being rejected, because they either apply DMARC actions or modifications or do nothing.

Enabling regional scanning improves security for this organization when most of the received email originates from a specific region. Regional scanning is a feature that allows Cisco ESA to apply different spam thresholds and actions based on the geographic region of the sender’s IP address, using a database of IP addresses and regions.

To enable regional scanning on Cisco ESA, the administrator can follow these steps:

Select Security Services > IronPort Anti-Spam and click Edit Settings.

Under Regional Scanning, select Enable Regional Scanning.

Click Submit.

Select Security Services > IronPort Anti-Spam > Regional Settings and click Add Region.

Choose a region from the drop-down menu, such as Asia Pacific.

Enter a spam threshold and an action for that region, such as 80 and Drop.

Click Submit.