According to the [Cisco Secure Email Encryption Service Add-In User Guid e], you can create an encryption profile that defines the encryption settings and options for your encrypted messages[ 2 , p. 11]. You can also create an outgoing content filter that applies the encryption profile to the messages that match certain condition s, such as having [SECURE] in the subject header[ 2 , p. 12]. This wa y, you can allow users to flag the messages that require encryption by adding [SECURE] to the subject line.

The other options are not valid because:

A. Creating an encryption profile with [ SECURE] in the Subject setting and enabling encryption on the mail flow policy will not work, as the Subject setting in the encryption profile is used to specify the subject line of the encrypted message envelope, not the original message[ 2 , p. 11].

B. Cre ating an outgoing content filter with no conditions and with the Encrypt and Deliver Now action configured with [SECURE] in the Subject setting will not work, as this will encrypt all outgoing messages regardless of whether they have [SECURE] in the subjec t line or not[ 2 , p. 12].

D. Creating a DLP policy manager message action with encryption enabled and applying it to active DLP policies for outgoing mail will not work, as this will encrypt messages based on DLP rules that detect sensitive data in the message content, not based on user flags in the subject line.