[Feb-2022] Updated CCNP Security 300-720 Exam Questions BUNDLE PACK [Q33-Q55]

[Feb-2022] Updated CCNP Security 300-720 Exam Questions BUNDLE PACK

Master The Cisco Content 300-720 EXAM DUMPS WITH GUARANTEED SUCCESS!

Which Subjects are on the Cisco 300-720 Exam

Candidates must know the exam topics before they start preparation. Because it will really help them in hitting the core. Our Cisco 300-720 dumps will include the following topics:

Cisco Email Security Appliance Administration 15%
Email Authentication and Encryption 20%
Content and Message filters 20%
Spam Control with Talos SenderBase and Antispam 15%

Details about 300-720 Test

The Cisco 300-720 exam appears in the list of concentration tests that lead to the CCNP Security. This implies that you only attempt it after succeeding in 350-701 test that deals with matters to do with core technologies. Overall, you are given 1.5 hours to answer all the questions coming in the real exam, which is available in both English & Japanese. The test, in particular, will assess your understanding of the Cisco ESA in different areas. This includes administration, how well you can handle spam control as well as anti-spam, message filters, preventing the loss of data, and LDAP. You will also be tested on how to authenticate emails and encrypt them as well as matters to do with system quarantines in addition to delivery methods.

Is there any Prerequisites for Cisco 300-720 Exam

Prerequisites: None

NEW QUESTION 33
Which suboption must be selected when LDAP is configured for Spam Quarantine End-User Authentication?

A. Entity ID
B. Update Frequency
C. Server Priority
D. Designate as the active query

Answer: D

NEW QUESTION 34
A Cisco ESA administrator has several mail policies configured. While testing policy match using a specific sender, the email was not matching the expected policy.
What is the reason of this?

A. The To" header is checked against all policies in a top-down fashion.
B. The Tram* header is checked against all policies in a top-down fashion.
C. The message header with the highest priority is checked against the Default policy in a top-down fashion.
D. The message header with the highest priority is checked against each policy in a top-down fashion.

Answer: C

NEW QUESTION 35
An organization wants to use its existing Cisco ESA to host a new domain and enforce a separate corporate policy for that domain.
What should be done on the Cisco ESA to achieve this?

A. Use the deli very config command to configure mail delivery for the new domain.
B. Use the altrchost command to add a separate gateway for the new domain.
C. Use the smtproutes command to configure a SMTP route for the new domain.
D. Use the dsestconf command to add a separate destination for the new domain.

Answer: C

NEW QUESTION 36
Which suboption must be selected when LDAP is configured for Spam Quarantine End-User Authentication?

A. Entity ID
B. Update Frequency
C. Server Priority
D. Designate as the active query

Answer: D

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/security_management/sma/sma11-5/user_guide/ b_SMA_Admin_Guide_11_5/b_SMA_Admin_Guide_11_5_chapter_01010.html

NEW QUESTION 37
What are two prerequisites for implementing undesirable URL protection in Cisco ESA? (Choose two.)

A. Enable email relay.
B. Enable antispam scanning.
C. Enable antivirus scanning.
D. Enable outbreak filters.
E. Enable port bouncing.

Answer: B,D

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01111.html

NEW QUESTION 38
What must be configured to allow the Cisco ESA to encrypt an email using the Cisco Registered Envelope Service?

A. provisioned email encryption profile
B. message encryption from a content filter that select "Message Encryption" over TLS
C. message encryption from the mail flow policies with "CRES" selected
D. content filter to forward the email to the Cisco Registered Envelope server

Answer: B

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_010010.html

NEW QUESTION 39
Which feature must be configured before an administrator can use the outbreak filter for nonviral threats?

A. quarantine threat level
B. data loss prevention
C. antispam
D. antivirus

Answer: C

Explanation:
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01110.html

NEW QUESTION 40
Which global setting is configured under Cisco ESA Scan Behavior?

A. attachment scanning timeout
B. actions for unscannable messages due to attachment type
C. minimum depth of attachment recursion to scan
D. minimum attachment size to scan

Answer: A

Explanation:
Reference:
https://community.cisco.com/t5/email-security/cisco-ironport-esa-security-services-scan-behavior- impact-on-av/td-p/3923243

NEW QUESTION 41
What is the order of virus scanning when multilayer antivirus scanning is configured?

A. The McAfee engine scans for viruses first and the default engine scans for viruses second.
B. The Sophos engine scans for viruses first and the McAfee engine scans for viruses second.
C. The default engine scans for viruses first and the McAfee engine scans for viruses second.
D. The McAfee engine scans for viruses first and the Sophos engine scans for viruses second.

Answer: A

Explanation:
Explanation
If you configure multi-layer anti-virus scanning, the Cisco appliance performs virus scanning with the McAfee engine first and the Sophos engine second. It scans messages using both engines, unless the McAfee engine detects a virus. If the McAfee engine detects a virus, the Cisco appliance performs the anti-virus actions (repairing, quarantining, etc.) defined for the mail policy.

NEW QUESTION 42
Which benefit does enabling external spam quarantine on Cisco SMA provide?

A. ability to back up spam quarantine from multiple Cisco ESAs to one central console
B. ability to scan messages by using two engines to increase a catch rate
C. ability to consolidate spam quarantine data from multiple Cisco ESA to one central console
D. access to the spam quarantine interface on which a user can release, duplicate, or delete

Answer: C

NEW QUESTION 43
Which two action types are performed by Cisco ESA message filters? (Choose two.)

A. non-final actions
B. filter actions
C. final actions
D. discard actions
E. quarantine actions

Answer: A,C

NEW QUESTION 44
An engineer is tasked with reviewing mail logs to confirm that messages sent from domain abc.com are passing SPF verification and being accepted by the Cisco ESA. The engineer notices that SPF verification is not being performed and that SPF is not being referenced in the logs for messages sent from domain abc.com.
Why is the verification not working properly?

A. SPF verification is disabled on the Mail Flow Policy.
B. SPF verification is disabled in the Recipient Access Table.
C. An SPF verification Content Filter has not been created.
D. The SPF conformance level is set to SIDF compatible on the Mail Flow Policy.

Answer: C

NEW QUESTION 45
Which action on the Cisco ESA provides direct access to view the safelist/blocklist?

A. Show the SLBL cache on the CLI.
B. Monitor Incoming/Outgoing Listener.
C. Debug the mail flow policy.
D. Export the SLBL to a .csv file.

Answer: D

Explanation:
Reference:
https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/117922-technote- esa-00.html

NEW QUESTION 46
Which two query types are available when an LDAP profile is configured? (Choose two.)

A. user
B. recursive
C. proxy consolidation
D. routing
E. group

Answer: D,E

Explanation:
Explanation/Reference: https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_12_0_chapter_011010.html

NEW QUESTION 47
Which two configurations are used on multiple LDAP servers to connect with Cisco ESA? (Choose two.)

A. active-standby
B. SLA monitor
C. load balancing
D. failover
E. active-active

Answer: C,D

Explanation:
Explanation
You can enter multiple host names to configure the LDAP servers for failover or load-balancing. Separate multiple entries with commas.

NEW QUESTION 48
What is the default behavior of any listener for TLS communication?

A. preferred-verify
B. off
C. required
D. preferred

Answer: B

NEW QUESTION 49
Which attack is mitigated by using Bounce Verification?

A. spoof
B. denial of service
C. smurf
D. eavesdropping

Answer: B

NEW QUESTION 50
Which two factors must be considered when message filter processing is configured? (Choose two.)

A. lateral processing
B. message-filter order
C. MIME structure of the message
D. mail policies
E. structure of the combined packet

Answer: B,C

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_01000.html

NEW QUESTION 51
Which type of attack is prevented by configuring file reputation filtering and file analysis features?

A. backscatter
B. denial of service
C. zero-day
D. phishing

Answer: C

Explanation:
Reference:
https://www.cisco.com/c/en/us/td/docs/security/esa/esa12-0/user_guide/ b_ESA_Admin_Guide_12_0/b_ESA_Admin_Guide_chapter_010000.html#con_1809885

NEW QUESTION 52
What are two primary components of content filters? (Choose two.)

A. conditions
B. content
C. policies
D. actions
E. subject

Answer: A,D

Explanation:
Explanation/Reference:
https://www.cisco.com/c/en/us/td/docs/security/ces/user_guide/esa_user_guide_11-1/ b_ESA_Admin_Guide_ces_11_1/b_ESA_Admin_Guide_chapter_01010.pdf

NEW QUESTION 53
An Encryption Profile has been set up on the Cisco ESA.
Drag and drop the steps from the left for creating an outgoing content filter to encrypt emails that contains the subject "Secure:" into the correct order on the right.