• Home
  • Articles
  • [Feb-2024] Cisco 300-720 Dumps – Reduce Your Chance of Failure in 300-720 Exam [Q63-Q83]

[Feb-2024] Cisco 300-720 Dumps – Reduce Your Chance of Failure in 300-720 Exam [Q63-Q83]

Share

[Feb-2024] Cisco 300-720 Dumps – Reduce Your Chance of Failure in 300-720 Exam

To help you achieve your ultimate goal, we suggest the actual Cisco 300-720 dumps for your Securing Email with Cisco Email Security Appliance exam preparation to use as your guideline.

NEW QUESTION # 63
Which two statements about configuring message filters within the Cisco ESA are true? (Choose two.)

  • A. The filters command executed from the CLI is used to configure the message filters.
  • B. The filterconfig command executed from the CLI is used to configure message filters.
  • C. Message filters configuration within the web user interface is located within Incoming Content Filters.
  • D. Message filters can be configured only from the CLI.
  • E. Message filters can be configured only from the web user interface.

Answer: A,D

Explanation:
Message filters can only be applied to the ESA via command line. So, you will need command line access to the ESA.
Log into the ESA via command line.
Run the following highlighted commands to apply the message filter to the ESA:
ironport.example.com> filters
Choose the operation you want to perform:
- NEW - Create a new filter.
- IMPORT - Import a filter script from a file.
[]> NEW
Enter filter script. Enter '.' on its own line to end.
large_spam_no_attachment:
if ((body-size > 2097152) AND NOT (attachment-size > 0)) {
quarantine("large_spam");
log-entry("*****This is a large message with no attachments*****");
}
.
1 filters added.


NEW QUESTION # 64
Drag and Drop Question
An administrator must ensure that emails sent from [email protected] are routed through an alternate virtual gateway. Drag and drop the snippet from the bottom onto the blank in the graphic to finish the message filter syntax. Not all snippets are used.

Answer:

Explanation:


NEW QUESTION # 65
An organization wants to use DMARC to improve its brand reputation by leveraging DNS records.
Which two email authentication mechanisms are utilized during this process? (Choose two.)

  • A. SPF
  • B. PKI
  • C. DSTP
  • D. TLS
  • E. DKIM

Answer: A,E

Explanation:
Reference:
https://www.cisco.com/c/en/us/products/security/what-is-dmarc.html
SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) are two email authentication mechanisms that are utilized during this process. SPF and DKIM allow the domain owner to publish DNS records that specify the authorized IP addresses or hosts for sending emails from that domain and sign the messages with a cryptographic key to prove their authenticity and integrity.
DMARC (Domain-based Message Authentication, Reporting and Conformance) is an email authentication standard that builds on SPF and DKIM and allows the domain owner to publish DNS records that specify how receivers should handle messages that fail SPF or DKIM verification, such as reject, quarantine, or none, and how to report back the results of DMARC validation.
The other options are not valid email authentication mechanisms that are utilized during this process, because they are not part of DMARC standard.


NEW QUESTION # 66
Which two action types are performed by Cisco ESA message filters? (Choose two.)

  • A. final actions
  • B. non-final actions
  • C. quarantine actions
  • D. discard actions
  • E. filter actions

Answer: A,B

Explanation:
Non-final actions are actions that do not terminate the message filter evaluation, such as adding headers, setting variables, logging, etc. Final actions are actions that end the message filter evaluation and determine the fate of the message, such as accept, drop, bounce, quarantine, etc.


NEW QUESTION # 67
Which two components must be configured to perform DLP scanning? (Choose two.)

  • A. Enable a DLP policy on the Outgoing Mail Policy.
  • B. Add a DLP policy to the DLP Policy Manager.
  • C. Add a DLP policy to the Outgoing Content Filter.
  • D. Enable a DLP policy on the DLP Policy Customizations.
  • E. Add a DLP policy on the Incoming Mail Policy.

Answer: A,B


NEW QUESTION # 68
Which two components must be configured to perform DLP scanning? (Choose two.)

  • A. Enable a DLP policy on the Outgoing Mail Policy.
  • B. Add a DLP policy to the DLP Policy Manager.
  • C. Add a DLP policy to the Outgoing Content Filter.
  • D. Enable a DLP policy on the DLP Policy Customizations.
  • E. Add a DLP policy on the Incoming Mail Policy.

Answer: A,B

Explanation:
To perform DLP scanning on Cisco ESA, two components must be configured:
Add a DLP policy to the DLP Policy Manager, which is a repository of predefined or custom DLP policies that specify what types of data to scan for and what actions to take if a match is found.
Enable a DLP policy on the Outgoing Mail Policy, which is a set of rules that determine how outgoing messages are processed by Cisco ESA, including whether to apply DLP scanning or not.


NEW QUESTION # 69
How does the graymail safe unsubscribe feature function?

  • A. It checks the reputation of the URI and performs the unsubscribe process on behalf of the end user.
  • B. It strips the malicious content of the URI before unsubscribing.
  • C. It checks the URI reputation and category and allows the content filter to take an action on it.
  • D. It redirects the end user who clicks the unsubscribe button to a sandbox environment to allow a safe unsubscribe.

Answer: A


NEW QUESTION # 70
An administrator notices that the Cisco Secure Email Gateway delivery queue on an appliance is consistently full. After further investigation, it is determined that the IP addresses currently in use by appliance are being rate-limited by some destinations. The administrator creates a new interface with an additional IP address using virtual gateway technology, but the issue is not solved Which configuration change resolves the issue?

  • A. Use the CLI command deliveryconfig to set the new interface as the primary interface for mail delivery
  • B. Use the CLI command altsrchost to set the new interface as the source IP address for all mail.
  • C. Use the CLI command alt-src-host to set the new interface as a possible delivery candidate.
  • D. Use the CLI command loadbalance auto to enable mail delivery over all interfaces.

Answer: A

Explanation:
Determining Which Interface is Used for Mail Delivery Unless you specify the output interface via the deliveryconfig</code> command or via a message filter ( alt-src-host ), or through the use of a virtual gateway, the output interface is selected by the AsyncOS routing table. https://www.cisco.com/c/en/us/td/docs/security/esa/esa11-1/user_guide/b_ESA_Admin_Guide_11_1/b_ESA_Admin_Guide_chapter_011001.html?bookSearch=true


NEW QUESTION # 71
Refer to the exhibit.

Which SPF record is valid for mycompany.com?

  • A. v=spf1 a mx ip4:10.1.10.23 -all
  • B. v=spf1 a mx ip4:172.16.18.230 -all
  • C. v=spf1 a mx ip4:199.209.31.21 -all
  • D. v=spf1 a mx ip4:199.209.31.2 -all

Answer: C

Explanation:
The SPF record for mycompany.com is shown in the exhibit as:
v=spf1 a mx ip4:199.209.31.21 -all
This means that the domain mycompany.com authorizes the following sources to send email on its behalf:
The A record of mycompany.com, which resolves to 199.209.31.21
The MX record of mycompany.com, which points to mail.mycompany.com, which also resolves to 199.209.31.21 The IP address 199.209.31.21 The -all qualifier means that any other source is not authorized and should be rejected.
Therefore, the correct answer is C.
Reference:
SPF Record Syntax
Define your SPF record-Basic setup


NEW QUESTION # 72
Which restriction is in place for end users accessing the spam quarantine on Cisco Secure Email Gateway appliances?

  • A. Direct access via web browser requires authentication.
  • B. Access via a link in a notification is mandatory.
  • C. The end user must be assigned to the Guest role
  • D. Authentication is required when accessing via a link in a notification.

Answer: A

Explanation:
Direct access via web browser requires authentication is the restriction that is in place for end users accessing the spam quarantine on Cisco Secure Email Gateway appliances. Spam quarantine is a feature that allows Cisco ESA to store messages that are suspected to be spam and allow end users or administrators to review them and release or delete them as needed.
End users can access their personal spam quarantine on Cisco ESA either by clicking on a link in a notification email or by entering their email address and password in a web browser. In both cases, authentication is required to ensure security and privacy.
The other options are not valid restrictions that are in place for end users accessing the spam quarantine on Cisco Secure Email Gateway appliances, because they are either not mandatory or not related to authentication.


NEW QUESTION # 73
Which two steps are needed to disable local spam quarantine before external quarantine is enabled? (Choose two.)

  • A. Select Security Services and click Spam Quarantine.
  • B. Check the External Safelist/Blocklist check box.
  • C. Uncheck the Enable Spam Quarantine check box.
  • D. Select Monitor and click Spam Quarantine.
  • E. Select External Spam Quarantine and click on Configure.

Answer: C,D

Explanation:
Reference:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118555-qa-esa- 00.html (configuration summary)


NEW QUESTION # 74
A company has deployed a new mandate that requires all emails sent externally from the Sales Department to be scanned by DLP for PCI-DSS compliance. A new DLP policy has been created on the Cisco ESA and needs to be assigned to a mail policy named `Sales' that has yet to be created.
Which mail policy should be created to accomplish this task?

  • A. Outgoing Mail Policy
  • B. Preliminary Mail Policy
  • C. Incoming Mail Flow Policy
  • D. Outgoing Mail Flow Policy

Answer: A

Explanation:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-
0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_010001.html#task_140
94


NEW QUESTION # 75
Which two factors must be considered when message filter processing is configured? (Choose two.)

  • A. message-filter order
  • B. lateral processing
  • C. mail policies
  • D. structure of the combined packet
  • E. MIME structure of the message

Answer: A,E

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01000.html


NEW QUESTION # 76
What is the default HTTPS port when configuring spam quarantine on Cisco ESA?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

Answer: B

Explanation:
in the spam quarantine section, you can configure settings for access to the spam quarantine, and by default, HTTP uses port 82 and HTTPS uses port 83.


NEW QUESTION # 77
Which two configurations are used on multiple LDAP servers to connect with Cisco ESA? (Choose two.)

  • A. active-standby
  • B. load balancing
  • C. active-active
  • D. failover
  • E. SLA monitor

Answer: B,D

Explanation:
You can enter multiple host names to configure the LDAP servers for failover or load-balancing. Separate multiple entries with commas.
Reference:
https://www.cisco.com/c/en/us/td/docs/security/ces/user_guide/sma_user_guide/ b_SMA_Admin_Guide_ces_11/b_SMA_Admin_Guide_chapter_01010.html


NEW QUESTION # 78
An organization has multiple Cisco Secure Email Gateway appliances deployed, resulting in several spam quarantines to manage. To manage the quarantined messages, the administrator enabled the centralized spam quarantine on the Cisco Secure Email and Web Manager appliance and configured the external spam quarantine on the Cisco Secure Email Gateway appliances. However, messages are still being directed to the local quarantine on the Cisco Secure Email Gateway appliances What change is necessary to complete the configuration?

  • A. Modify the external spam quarantine settings on the Cisco Secure Email Gateway appliances and change the port to 25
  • B. Disable the local spam quarantine on the Cisco Secure Email Gateway appliances.
  • C. Disable the external spam quarantine on the Cisco Secure Email Gateway appliances
  • D. Modify the incoming mail policies on the Cisco Secure Email Gateway appliances to redirect to the external quarantine

Answer: B

Explanation:
To use the centralized spam quarantine on the Cisco Secure Email and Web Manager appliance, the administrator must disable the local spam quarantine on the Cisco Secure Email Gateway appliances. This will prevent messages from being stored in both quarantines and avoid confusion for end users and administrators. Reference: [Cisco Secure Email and Web Manager User Guide - Configuring Centralized Spam Quarantine]


NEW QUESTION # 79
Drag and drop the graymail descriptions from the left onto the verdict categories they belong to on the right.

Answer:

Explanation:


NEW QUESTION # 80
What is the default behavior of any listener for TLS communication?

  • A. preferred
  • B. preferred-verify
  • C. required
  • D. off

Answer: D


NEW QUESTION # 81
Which antispam feature is utilized to give end users control to allow emails that are spam to be delivered to their inbox, overriding any spam verdict and action on the Cisco ESA?

  • A. end user passthrough list
  • B. end user safelist
  • C. end user spam quarantine access
  • D. end user allow list

Answer: C

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/ces/user_guide/esa_user_guide_11-1/b_ESA_Admin_Guide_ces_11_1/b_ESA_Admin_Guide_chapter_011111.pdf


NEW QUESTION # 82
What is the order of virus scanning when multilayer antivirus scanning is configured?

  • A. The McAfee engine scans for viruses first and the default engine scans for viruses second.
  • B. The default engine scans for viruses first and the McAfee engine scans for viruses second.
  • C. The Sophos engine scans for viruses first and the McAfee engine scans for viruses second.
  • D. The McAfee engine scans for viruses first and the Sophos engine scans for viruses second.

Answer: D

Explanation:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01011.html According to the User Guide for AsyncOS 12.0 for Cisco Email Security Appliances2, the order of virus scanning when multilayer antivirus scanning is configured is as follows:
The McAfee engine scans the message first. If the McAfee engine detects a virus, the message is dropped or repaired, depending on the configuration. If the McAfee engine does not detect a virus, the message is passed to the next layer of scanning.
The Sophos engine scans the message second. If the Sophos engine detects a virus, the message is dropped or repaired, depending on the configuration. If the Sophos engine does not detect a virus, the message is delivered to the recipient.


NEW QUESTION # 83
......

Accurate & Verified Answers As Seen in the Real Exam here: https://tesking.pass4cram.com/300-720-dumps-torrent.html

Related Articles

more
Cisco 300-720 Certification Practice Exam

The most valid exam cram is the best study and review material for your upcoming IT exam. With the useful and accurate pass4cram study material, you will pass your exam with a high core.

Latest Valid Exams

Useful Links

Contact Us

Our Working Time: ( GMT 0:00-15:00 )
From Monday to Saturday

Support: Contact now 

If you have any question please leave me your email address, we will reply and send email to you in 12 hours.

Copyright © 2026 Pass4cram NETWORK CO.,LIMITED. All Rights Reserved. All trademarks used are properties of their respective owners. Privacy Policy