300-720 Online Practice Questions and Answers

Which action must be taken before a custom quarantine that is being used can be deleted?

A. Delete the quarantine that is assigned to a filter.

B. Delete the quarantine that is not assigned to a filter.

C. Delete only the unused quarantine.

D. Remove the quarantine from the message action of a filter.

Which type of query must be configured when setting up the Spam Quarantine while merging notifications?

A. Spam Quarantine Alias Routing Query

B. Spam Quarantine Alias Consolidation Query

C. Spam Quarantine Alias Authentication Query

D. Spam Quarantine Alias Masquerading Query

A network administrator notices that there are a high number of queries to the LDAP server. The mail logs show an entry "550 Too many invalid recipients | Connection closed by foreign host." Which feature must be used to address this?

A. DHAP

B. SBRS

C. LDAP

D. SMTP

Which feature must be activated on a Cisco ESA to combat backscatter?

A. Graymail Detection

B. Bounce Profile

C. Forged Email Detection

D. Bounce Verification

An organization has a strict policy on URLs embedded in emails. The policy allows visibility into what the URL is but does not allow the user to click it. Which action must be taken to meet the requirements of the security policy?

A. Defang the URL.

B. Enable the URL quarantine policy.

C. Replace the URL with text.

D. Redirect the URL to the Cisco security proxy.

A Cisco ESA administrator recently enabled the Outbreak Filters Global Service Setting to detect Viral as well as Non-Viral threat detection, with no detection of Non-Viral threats after 24 hours of monitoring Outbreak Filters. What is the reason that Non-Viral threat detection is not detecting any positive verdicts?

A. The Outbreak Filters option Graymail Header must be enabled.

B. The Outbreak Filters option URL Rewriting must be enabled.

C. Non-Viral threat detection requires AntiSpam or Intelligent Multi-Scan enablement to properly function.

D. Non-Viral threat detection requires AntiVirus or AMP enablement to properly function.

A network administrator has enabled virus scanning with the Sophos antivirus engine and set the "drop infected mail" option on a Cisco ESA; however, end users are still complaining about the large number of phishing emails they receive. What must be done to resolve this problem?

A. Configure Reputation Filtering

B. Configure Content Filtering

C. Configure Outbreak Filtering

D. Change the antivirus engine to McAfee.

An engineer is tasked with creating a content filter to catch attachments, including credit card numbers, and hold them for review until further action is taken. Which component on a Cisco ESA must be configured to meet this requirement?

A. Spam Quarantine

B. Outbreak Filter

C. Policy Quarantine

D. Content Filter

An organization wants to designate help desk personnel to assist with tickets that request the release of messages from the spam quarantine because company policy does not permit end-user quarantine access to employees directly. Which two roles must be used for these personnel to release messages while restricting access to make configuration changes in the Cisco ESA? (Choose two.)

A. Administrator

B. Read-Only Operator

C. Technician

D. Quarantine Administrator

E. Help Desk User

What is a benefit of deploying Cisco Secure Email and Web Manager?

A. centralized management of software updates for Cisco Secure Email Gateway

B. centralized management of logs for Cisco Secure Email Gateway

C. centralized management of quarantined email

D. centralized management of botnet directories