Cisco 300-720 Securing Email with Cisco Email Security Appliance SESA Exam Practice Test

Answer : B

According to the [Cisco Secure Email User Guide], graymail is a category of email messages that are not spam but may be unwanted by some recipients, such as newsletters, promotions, or social media updates[5, p. 25]. Marketing is one of the subcategories of graymail that includes messages that advertise products or services[5, p. 26].

The other options are not valid because:

A) Malicious is not a category for classifying graymail. It is a category for classifying email messages that contain malicious content such as malware, phishing, or fraud[5, p. 25].

C) Spam is not a category for classifying graymail. It is a category for classifying email messages that are unsolicited, unwanted, or harmful[5, p. 25].

D) Priority is not a category for classifying graymail. It is a category for classifying email messages that are important, urgent, or relevant[5, p. 25].

Answer : A

The content filter condition that checks to see if the ''From: header'' in the message is similar to any of the users in the content dictionary is Forged Email Detection. This condition compares the sender's name or email address with a list of names or email addresses in a content dictionary and triggers an action if they match or are similar.Reference: [Cisco Secure Email Gateway Administrator Guide - Forged Email Detection]

Answer : C

To encrypt SMTP with TLS on a Cisco Secure Email Gateway appliance when the sender requires TLS verification, the components that are required are an X.509 certificate and matching private key from a CA. The certificate must be signed by a trusted CA and contain the domain name or IP address of the listener in the Subject or Subject Alternative Name fields. The private key must be unencrypted and match the certificate.Reference: [Cisco Secure Email Gateway Administrator Guide - Configuring TLS]

Answer : D

According to theUser Guide for Cisco Secure Email Encryption Service Add-In 1, the 'Use-Script' option allows you to use JavaScript in the encrypted message envelope. This option is enabled by default, but you can disable it if you want to send encrypted messages to recipients who have security policies that block JavaScript attachments[2, p. 14].

The other options are not valid because:

A)Inserting the X-PostX-Use-Script header with a value of false to the encrypted messages is not a supported feature of the Cisco Secure Email Encryption Service Add-in1.

B) Selecting JavaScript-free option within the Cisco Secure Email Encryption Service Add-in is not a valid option.The add-in does not have such an option1.

C) Creating an outgoing content filter and adding the Encrypt and Deliver Nov/ action with Use-Script option deselected is not possible. The Encrypt and Deliver Nov/ action does not have a Use-Script option[2, p. 13].

Answer : C

If the assigned certificate under one of the IP interfaces is modified, then the HTTPS traffic when connecting to the web user interface of the Cisco Secure Email Gateway will be impacted. The administrator must ensure that the certificate is valid and trusted by the browser or client that is used to access the web user interface. Otherwise, the connection may fail or generate a warning message.Reference: [Cisco Secure Email Gateway Administrator Guide - Configuring Certificates]

Answer : A

Answer : B

To use DKIM for outbound email, the administrator must export the DNS TXT record from the Cisco Secure Email Gateway and provide it to the DNS registrar of the domain. This will allow the recipient servers to verify the DKIM signature of the email by querying the DNS record of the sender domain.Reference: [Cisco Secure Email Gateway Administrator Guide - Configuring DKIM Signing]