Pass the Cisco CCNP Security 300-720 Questions and answers with CertsForce

To perform DLP scanning on Cisco ESA, two components must be configured:

Add a DLP policy to the DLP Policy Manager, which is a repository of predefined or custom DLP policies that specify what types of data to scan for and what actions to take if a match is found.

Enable a DLP policy on the Outgoing Mail Policy, which is a set of rules that determine how outgoing messages are processed by Cisco ESA, including whether to apply DLP scanning or not.

Direct access via web browser requires authentication is the restriction that is in place for end users accessing the spam quarantine on Cisco Secure Email Gateway appliances. Spam quarantine is a feature that allows Cisco ESA to store messages that are suspected to be spam and allow end users or administrators to review them and release or delete them as needed.

End users can access their personal spam quarantine on Cisco ESA either by clicking on a link in a notification email or by entering their email address and password in a web browser. In both cases, authentication is required to ensure security and privacy.

The other options are not valid restrictions that are in place for end users accessing the spam quarantine on Cisco Secure Email Gateway appliances, because they are either not mandatory or not related to authentication.

By modifying the mail policies, specifically the recipient matching criteria, you can ensure that email recipients do not match multiple policies simultaneously. When recipients in the email message belong to different domains (e.g., cisco.com and test.com), it can result in multiple policies being triggered simultaneously, leading to inconsistent delivery of emails with attachments.

DLP is for outgoing mail only and not relevant to incoming mail.

User and routing are two query types that are available when an LDAP profile is configured on Cisco ESA. User queries are used to validate end-user credentials, such as for Spam Quarantine End-User Authentication or SMTP Authentication. Routing queries are used to determine the destination mail server for a recipient, such as for Mail Flow Policies or Delivery Methods.

The graymail management solution in the appliance comprises of two components: an integrated graymail scanning engine and a cloud-based Unsubscribe Service. The integrated graymail scanning engine identifies graymail messages using various criteria and assigns them to different categories. The cloud-based Unsubscribe Service provides an easy mechanism for end users to unsubscribe from unwanted messages by checking the reputation of the unsubscribe links and performing the unsubscribe process on behalf of the end user.

According to the [Cisco Secure Email User Guide] , graymail is a category of email messages that are not spam but may be unwanted by some recipients, such as newsletters, promotions, or social media updates[ 5 , p. 25]. Marketin g is one of the subcategories of graymail that includes messages that advertise products or services[ 5 , p. 26].

The other options are not valid because:

A. Malicious is not a category for classifying graymail. It is a category for classifying email message s that contain malicious content such as malware, phishing, or fraud[ 5 , p. 25].

C. Spam is not a category for classifying graymail. It is a category for classifying email messages that are unsolicited, unwanted, or harmful[ 5 , p. 25].

D. Priority is not a category for classifying graymail. It is a category for classifying email messages that are important, urgent, or relevant[ 5 , p. 25].

The feature that must be configured before an administrator can use the outbreak filter for nonviral threats is antispam. The outbreak filter relies on the antispam engine to detect and block nonviral threats, such as phishing, malware, or spam campaigns. You need to enable antispam scanning and configure the antispam settings before you can use the outbreak filter.

To disable local spam quarantine before external quarantine is enabled on Cisco ESA, two steps are needed:

Select Security Services and click Spam Quarantine, which will open the Spam Quarantine settings page.

Uncheck the Enable Spam Quarantine check box, which will disable the local spam quarantine feature on Cisco ESA.